| Title | Tilgin FIBER HOME GATEWAY HG1522 HG13xxx_CSx000-01_09_01_12 Cross Site Scripting |
|---|---|
| Description | A cross-site scripting (XSS) vulnerability has been discovered in the product_info page of Tilgin FIBER HOME GATEWAY HG1522 which can be accessed without login. The vulnerability is in the href attribute. An attacker can use this vulnerability to inject malicious JavaScript code in the context of a victim's browser, which can be triggered by clicking on the link.<br>Steps to Reproduce<br>1. Navigate to http://IP/status/product_info/<br>2. Insert a generic payload after product_info<br>POC: http://IP/status/product_info/%3CBODY%20ONLOAD=alert('1')%3E |
| User | The_Druk (UID 70236) |
| Submission | 2024-06-18 11:08 PM (2 years ago) |
| Moderation | 2024-06-26 06:23 PM (8 days later) |
| Status | Accepted |
| VulDB entry | 269755 [Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01_09_01_12 /status/product_info/ product_info cross-site scripting] |
| Points | 17 |