4 matches found
Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting
Zyxel ZyWall, USG, and UAG devices allow remote attackers to inject arbitrary web script or HTML via the errmsg parameter freetimefailed.cgi CGI program, aka reflective cross-site scripting. id: CVE-2019-12581 info: name: Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting author: n-thumann...
CVE-2019-12581
A reflective Cross-site scripting XSS vulnerability in the freetimefailed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter...
CVE-2019-12581
A reflective Cross-site scripting XSS vulnerability in the freetimefailed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter...
CVE-2019-12581
The CVE-2019-12581 issue affects Zyxel ZyWall, USG, and UAG devices, where the free_time_failed.cgi CGI is vulnerable to a reflective XSS via the err_msg parameter. The Nuclei template specifies that remote attackers can inject arbitrary web script or HTML, with the attack context limited to the ...