CVE-2018-6906
The CVE-2018-6906 entry concerns a persistent Cross-Site Scripting (XSS) vulnerability in Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 Web Application. According to the sources, an attacker can inject arbitrary JavaScript through the REST API, enabling an XSS exposure tha...