3 matches found
CVE-2024-41583
DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting XSS by authenticated users due to poor sanitization of the router name...
CVE-2024-41583
DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting XSS by authenticated users due to poor sanitization of the router name...
CVE-2024-41583
CVE-2024-41583 affects DrayTek Vigor3910 devices up to firmware 4.3.2.6, enabling stored XSS by authenticated users due to poor sanitization of the router name. Impact is limited to web UI context with MEDIUM severity (CVSS 3.1: 4.7). Red Hat and NVD corroborate the issue; NCSC notes vendors have...