3 matches found
Advantech EKI-1524-CE / EKI-1522 / EKI-1521 Cross Site Scripting
St. Pölten UAS ------------------------------------------------------------------------------- title| Multiple XSS in Advantech product| Advantech EKI-1524-CE series, EKI-1522 series, | EKI-1521 series vulnerable version| =1.21 CVE-2023-4202, =1.24 CVE-2023-4203 fixed version| 1.26 CVE number|...
CVE-2023-4202
Advantech EKI-1524/1522/1521 devices (through version 1.21; affected 1.21) are affected by a Stored Cross-Site Scripting vulnerability in the web-interface device-name field. Root cause: insufficient input handling allows authenticated users to inject scripts, enabling XSS in the affected UI. Pub...
CVE-2023-4202 Stored Cross-Site Scripting
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the device name field of the web-interface...