← Back to CVE List
CVE-2018-6906
A persistent Cross Site Scripting (XSS) vulnerability in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allows an attacker to inject arbitrary JavaScript via the REST API.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt