2 matches found
GeoVision GV-VR360 and GV-VD8700 Cameras Cross-site Scripting (CVE-2019-13407)
A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message does not escape properly. This plugin only works with Tenable.ot. Please visit...
CVE-2019-13407
CVE-2019-13407 affects Advan VD-1 firmware versions up to 230. The issue arises in cgibin/ssi.cgi where a resource-not-found error message is not properly escaped, causing a reflected cross-site scripting (XSS) vulnerability. Impact is user-injected script execution in the context of the device’s...