CVE-2020-15037

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Reports-Devices.php page st[] parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt