3 matches found
CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name
When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...
CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name
When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...
CVE-2023-5880
CVE-2023-5880 affects Genie Aladdin Connect Retrofit-Kit (Model ALDCM). When the device is in configuration mode, the web server page “Garage Door Control Module Setup” is vulnerable to cross-site scripting via a broadcast SSID name containing HTML/JavaScript, enabling injection of code into a us...