2 matches found
CVE-2020-16246
The CVE-2020-16246 entry pertains to GE Reason S20 Ethernet Switches (S2020, S2024) affected by cross-site scripting due to improper neutralization of input during web page generation (CWE-79). Root cause: unvalidated/unsanitized input in the web interface enables crafted requests to render malic...
CVE-2020-16246 GE Reason S20 Ethernet Switch
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site...