Vulnerabilities
Vulnerable Software
An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality.
CVSS Score
4.8
EPSS Score
0.002
Published
2022-03-30
An issue was discovered in Firmware Analysis and Comparison Tool v3.2. Logged in administrators could be targeted by a CSRF attack through visiting a crafted web page.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-03-30
Firmware Analysis and Comparison Tool (FACT) 3 has Stored XSS when updating analysis details via a localhost web request, as demonstrated by mishandling of the tags and version fields in helperFunctions/mongo_task_conversion.py.
CVSS Score
3.3
EPSS Score
0.002
Published
2020-04-02


Contact Us

Shodan ® - All rights reserved