iobroker.web is vulnerable to cross-site scripting (XSS). The attack is possible because it does not sanitize the characters in the URL path, allowing an attacker to inject arbitrary script through it.
CPE | Name | Operator | Version |
---|---|---|---|
iobroker.web | le | 2.4.9 |