vendor:
CT-507 IT
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: CT-507 IT
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: h:comtrend:ct-507_it
Platforms Tested:
Unknown
Cross-Site Scripting Vulnerability in Comtrend CT-507 IT
The Comtrend CT-507 IT device's web interface does not properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a victim user, potentially allowing the attacker to steal authentication credentials and launch further attacks.
Mitigation:
No mitigation provided