Vulnerability Details CVE-2020-16246
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site and executed by the victim client.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2020-16246
-
cpe:2.3:h:ge:s2020:-
-
cpe:2.3:h:ge:s2024:-
-
cpe:2.3:o:ge:s2020_firmware:-
-
cpe:2.3:o:ge:s2020_firmware:07a03
-
cpe:2.3:o:ge:s2024_firmware:-