CVE-2018-6603
The CVE-2018-6603 issue affects Promise Technology WebPam Pro-E devices, where remote attackers can exploit a failure to filter parameters in the PHPSESSID cookie to trigger XSS, HTTP Response Splitting, and CRLF Injection via JavaScript in the cookie. Public references in CNVD/NVD entries corrob...