TVN ID | TVN-202404003 |
---|---|
CVE ID | CVE-2024-3776 |
CVSS | 6.1 (Medium) CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Affected Products | airPASS before v2.9.0.20231006 |
Description | The parameter used in the login page of Netvision airPASS is not properly filtered for user input. An unauthenticated remote attacker can insert JavaScript code to the parameter for Reflected Cross-site scripting attacks. |
Solution | Update to 2.9.0.231006 or later version |
Credit | Security member |
Public Date | 2024-04-15 |