| Title | Clavister Clavister E80 - EagleSeries . Cross-Site Scripting |
|---|---|
| Description | Reflected XSS chained with CSRF poses a threat to Clavister E80 Firewall-protected web applications. In this scenario, attackers inject malicious scripts into the application, which execute in users' browsers, potentially leading to unauthorized actions like data theft or manipulation. While the firewall provides network security, it may not safeguard against these specific web application vulnerabilities. Mitigation strategies include secure coding practices, such as input validation and output encoding, as well as implementing anti-CSRF tokens and conducting regular security assessments. |
| Source | ⚠️ https://github.com/strik3r0x1/Vulns/blob/main/Clavister_E80-RXSS.md |
| User | Strik3r (UID 61057) |
| Submission | 2024-03-23 17:03 (2 years ago) |
| Moderation | 2024-04-01 19:49 (9 days later) |
| Status | Accepted |
| VulDB entry | 258916 [Clavister E10/E80 up to 14.00.10 Misc Settings Page MiscSettings cross site scripting] |
| Points | 20 |