CVE-2026-32843 in Location Aware Sensor Systeminfo

Zusammenfassung

von MITRE • 19.03.2026

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 (2023-04-26), contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious URL containing unencoded payloads in the site, city, district, channel, or apikey parameters to execute scripts in victims' browsers when they visit the page.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulnCheck

Reservieren

16.03.2026

Veröffentlichung

19.03.2026

Moderieren

akzeptiert

Eintrag

VDB-351715

CPE

bereit

CWE

CWE-79 (bestätigt)

CVSS

4.3 (VulDB)

EPSS

0.00097

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-32843
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-32843
CVE Details	https://www.cvedetails.com/cve/CVE-2026-32843/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!