CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

O: Security Vulnerabilities

CVE-2023-24497

Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploited through the remote_subnet field of the database

CVSS Score

4.7

EPSS Score

0.001

Published

2023-07-06

Page 1

Vulnerabilities

Vulnerable Software

O: Security Vulnerabilities

Products

Pricing

Contact Us