6 matches found
CVE-2020-18664
CVE-2020-18664 details a Cross Site Scripting (XSS) vulnerability in WebPort versions
CVE-2019-12461
WebPort 1.19.1 is vulnerable to a reflected XSS via the /log?type parameter. The root cause is unsanitized input that allows arbitrary JavaScript to be executed in the victim’s browser, with potential for session hijacking or data theft. Impact is described as client-side script execution with lo...
CVE-2019-12460
CVE-2019-12460 affects Web Port 1.19.1 with a reflected XSS flaw exploitable via the /access/setup?type parameter. The issue stems from unsanitized input in the setup endpoint, enabling an attacker to inject and execute script in a victim’s browser. Public evidence includes PoC payloads and explo...
CVE-2020-18668
CVE-2020-18668 concerns a Cross Site Scripting (XSS) vulnerability in Philips WebPort WebPortal (WebPort) versions
CVE-2020-18665
CVE-2020-18665 is a directory-traversal vulnerability in WebPort, affecting versions <= 1.19.1 in the System Settings tags handling. The incident is documented across multiple feeds (NVD summary: WebPort
CVE-2020-23659
CVE-2020-23659 affects WebPort v1.19.17121 with a Cross Site Scripting (XSS) flaw in the connections feature. The Red Hat and NVD entries corroborate a web-based XSS condition that could impact users interacting with the affected UI; the core issue is a scripting vulnerability in the connection...