CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-39678

A cross-site scripting (XSS) vulnerability in the device web interface (Log Query page) of BDCOM OLT P3310D-2AC 10.1.0F Build 69083 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.1%

CVSS Severity

CVSS v3 Score 6.1

References

https://telegra.ph/XSS-in-BDCOM-OLT-P3310D-2AC-07-29
https://telegra.ph/XSS-in-BDCOM-OLT-P3310D-2AC-07-29

Products affected by CVE-2023-39678

Bdcom » P3310d-2ac » Version: N/A

cpe:2.3:h:bdcom:p3310d-2ac:-
Bdcom » P3310d-2ac Firmware » Version: 10.1.0f

cpe:2.3:o:bdcom:p3310d-2ac_firmware:10.1.0f

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39678

Products

Pricing

Contact Us