2 matches found
Mimosa PTP Devices Stored Cross Site Scripting (CVE-2020-25205)
A cross-site scripting vulnerability exists in Mimosa PTP Devices. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
CVE-2020-25205
The CVE-2020-25205 vulnerability affects Mimosa PTP/M5/M5c/C5x firmware up to version 2.8.0.2. It is a stored cross-site scripting flaw in the web console’s set_banner() function located at /var/www/core/controller/index.php. An unauthenticated attacker can write arbitrary JavaScript to /mnt/jffs...