vendor:
D-KVM-IP8
by:
Not provided
5.5
CVSS
MEDIUM
Cross-Site Scripting (XSS)
79
CWE
Product Name: D-KVM-IP8
Affected Version From: Not provided
Affected Version To: Not provided
Patch Exists: NO
Related CWE: Not provided
CPE: Not provided
Platforms Tested:
Not provided
D-LINK DKVM-IP8 Cross-Site Scripting Vulnerability
The D-LINK DKVM-IP8 device's web interface does not properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a victim user, potentially leading to theft of authentication credentials and other attacks.
Mitigation:
It is recommended to update the device firmware to the latest version, which may include a patch for this vulnerability. Additionally, users should be cautious when clicking on links or opening attachments from untrusted sources.