CVE-2023-24497

Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploite...

CVE-2023-24496

Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploite...

PT-2023-19642 · Milesight · Milesight Vpn

Name of the Vulnerable Software and Affected Versions: Milesight VPN version 2.0.2 Description: Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detail device functionality. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can...