3 matches found
CVE-2022-24432 ICSA-22-062-01 IPCOMM ipDIO
Persistent cross-site scripting XSS in the web interface of ipDIO allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into specific fields. The XSS payload will be executed when a legitimate user attempts to upload, copy, download, or delete an...
CVE-2022-24432
CVE-2022-24432 describes a persistent cross-site scripting (XSS) vulnerability in the IPCOMM ipDIO web interface. The issue allows an authenticated remote attacker to inject arbitrary JavaScript by placing an XSS payload into certain fields, with payload execution occurring when users upload, cop...
IPCOMM ipDIO
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: IPCOMM Equipment: ipDIO Vulnerabilities: Cross-site Scripting, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject and execute arbitrary...