CVE-2022-38814
FiberHome AN5506-02-B (model vRP2521) contains a stored XSS vulnerability in the auth_settings component. An attacker can inject HTML/script via the sncfg_loid text field to execute arbitrary scripts in the user’s browser. Documented across multiple feeds (NVD/Red Hat/CVE records and PT Security)...