4 matches found
EUVD-2025-201897
An XSS vulnerability in pxcvlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to...
CVE-2025-41747
An XSS vulnerability in pxcvlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to...
CVE-2025-41747 Reflected XSS vulnerability in pxc_vlanIntfCfg.php
An XSS vulnerability in pxcvlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to...
CVE-2025-41747
CVE-2025-41747 describes an unauthenticated XSS vulnerability in the web interface component pxc_vlanIntfCfg.php that can fool an authenticated user into sending a manipulated POST request to modify device configuration parameters available through the web-based management interface (WBM). The is...