CVE-2020-10633
CVE-2020-10633 is a non-persistent Cross-Site Scripting (CWE-79) vulnerability in HMS Networks eWON Flexy and eWON Cosy firmware versions prior to 14.1s0. An attacker can send a crafted URL to initiate a password change on the device; the target must enter credentials to complete the attack. Affe...