3 matches found
CVE-2018-8846
Philips e-Alert Unit (non-medical device), Version R2.1 and prior, contains an input handling flaw that allows cross-site scripting when user-controlled data is placed in web page output. This CVE (CVE-2018-8846) is documented with a CWE-79 XSS pattern and a CVSS v3 base score of 7.1 (AV:N/AC:L/P...
CVE-2018-8846
Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is then served to other users...
Philips e-Alert Unit
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/exploitable from within the same local subnet Vendor: Philips Equipment: Philips e-Alert Unit non-medical device Vulnerabilities: Improper Input Validation, Cross-site Scripting, Information Exposure,...