3 matches found
CVE-2022-21146 ICSA-22-062-01 IPCOMM ipDIO
Persistent cross-site scripting in the web interface of ipDIO allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into a specific parameter. The XSS payload will be executed when a legitimate user attempts to review history...
CVE-2022-21146
CVE-2022-21146 affects IPCOMM ipDIO web interface. It is a persistent cross-site scripting vulnerability in a web parameter that allows an unauthenticated remote attacker to inject arbitrary JavaScript, with execution when a legitimate user reviews history. The issue is identified in multiple rec...
IPCOMM ipDIO
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: IPCOMM Equipment: ipDIO Vulnerabilities: Cross-site Scripting, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject and execute arbitrary...