Vulnerability Details CVE-2019-13495
In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting (XSS) issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.9%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2019-13495
-
cpe:2.3:h:zyxel:xgs2210-52hp:-
-
cpe:2.3:o:zyxel:xgs2210-52hp_firmware:4.50