Webport Security Vulnerabilities

CVE-2019-12460

Web Port 1.19.1 allows XSS via the /access/setup type parameter.

CVE-2019-12461

Web Port 1.19.1 allows XSS via the /log type parameter.

CVE-2020-18664

Cross Site Scripting (XSS) vulnerability in WebPort <=1.19.1via the connection name parameter in type-conn.

CVE-2020-18665

Directory Traversal vulnerability in WebPort <=1.19.1 in tags of system settings.

CVE-2020-18667

SQL Injection vulnerability in WebPort <=1.19.1 via the new connection, parameter name in type-conn.

CVE-2020-18668

Cross Site Scripting (XSS) vulnerabililty in WebPort <=1.19.1 via the description parameter to script/listcalls.

CVE-2020-23659

WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS) on the "connections" feature.