Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco SPA112 2-Port Phone Adapter Stored Cross-Site Scripting Vulnerability
Vulnerability Description
A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the device. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the affected device. An attacker could exploit this vulnerability by inserting malicious code in one of the configuration fields. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Cisco SPA112 2-Port Phone Adapter 跨站脚本漏洞
Vulnerability Description
Cisco SPA112 2-Port Phone Adapter是美国思科(Cisco)公司的一款电话适配器。 使用1.4.1SR4之前版本固件的Cisco SPA112 2-Port Phone Adapter中存在跨站脚本漏洞,该漏洞源于程序没有充分验证用户提交的输入。远程攻击者可通过在配置字段中插入恶意代码利用该漏洞执行任意脚本代码或访问基于浏览器的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A