CVE-2020-15017

Published: 2020-06-26T14:15Z

Last Modified: 2024-11-21T05:04Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

NeDi 1.9C is vulnerable to reflected cross-site scripting. The Devices-Config.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the sta GET parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt