Lucene search
K

3 matches found

Cvelist
Cvelist
added 2024/01/03 7:16 p.m.31 views

CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name

When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...

8.3AI score0.00553EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/03 7:16 p.m.15 views

CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name

When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...

5.8AI score0.00553EPSS
Exploits0References1
CVE
CVE
added 2024/01/03 7:16 p.m.64 views

CVE-2023-5880

CVE-2023-5880 affects Genie Aladdin Connect Retrofit-Kit (Model ALDCM). When the device is in configuration mode, the web server page “Garage Door Control Module Setup” is vulnerable to cross-site scripting via a broadcast SSID name containing HTML/JavaScript, enabling injection of code into a us...

8.8CVSS8.2AI score0.00553EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder