4 matches found
CVE-2022-27462
Cross Site Scripting XSS vulnerability in objects/function.php in function getDeviceID in WWBN AVideo through 11.6, via the yptDevice parameter to view/include/head.php...
CVE-2022-27462
Cross Site Scripting XSS vulnerability in objects/function.php in function getDeviceID in WWBN AVideo through 11.6, via the yptDevice parameter to view/include/head.php...
CVE-2022-27462
WWBN AVideo (through 11.6) is affected by CVE-2022-27462, a Cross Site Scripting (XSS) in objects/function.php:getDeviceID that can be triggered via the yptDevice parameter sent to view/include/head.php. The root cause is improper handling of the yptDevice input, allowing injected scripts to run ...
CVE-2022-27462
Cross Site Scripting XSS vulnerability in objects/function.php in function getDeviceID in WWBN AVideo through 11.6, via the yptDevice parameter to view/include/head.php...