Vulnerability Details CVE-2022-24654
Authenticated stored cross-site scripting (XSS) vulnerability in "Field Server Address" field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.065
EPSS Ranking 90.6%
CVSS Severity
CVSS v3 Score 5.4
References
- http://intelbras.com
- https://github.com/leonardobg/CVE-2022-24654
- https://packetstormsecurity.com/files/168064/Intelbras-ATA-200-Cross-Site-Scripting.html
- http://intelbras.com
- https://github.com/leonardobg/CVE-2022-24654
- https://packetstormsecurity.com/files/168064/Intelbras-ATA-200-Cross-Site-Scripting.html
Products affected by CVE-2022-24654
-
cpe:2.3:h:intelbras:ata_200:-
-
cpe:2.3:o:intelbras:ata_200_firmware:74.19.10.21