Gira HomeServer 跨站脚本漏洞

Gira HomeServer is a smart home server from Gira. A cross-site scripting vulnerability exists in Gira HomeServer 4.12.0.220829 beta and earlier versions, which stems from a problem with the file /hslist, where manipulation of the parameter lst can lead to cross-site scripting...

PT-2023-21092 · Gira · Gira Homeserver

Name of the Vulnerable Software and Affected Versions: Gira HomeServer versions up to 4.12.0.220829 beta Description: A problematic issue was found, affecting unknown code of the file /hslist. The manipulation of the argument lst with the input debug%27" leads to cross-site scripting. The attack...