3 matches found
CVE-2023-33276
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the supplied path without...
CVE-2023-33276
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the supplied path without...
CVE-2023-33276
The CVE-2023-33276 issue affects Gira KNX/IP-Router web interface versions 3.1.3683.0–3.3.8.0, where reflecting a non-existent path in the HTTP response without HTML encoding enables reflective cross-site scripting (XSS). Documented by multiple sources (e.g., Red Hat, PRion/PT Security) note the ...