| Título | Clavister Clavister E80 - EagleSeries . Cross-Site Scripting |
|---|
| Descrição | Reflected XSS chained with CSRF poses a threat to Clavister E80 Firewall-protected web applications. In this scenario, attackers inject malicious scripts into the application, which execute in users' browsers, potentially leading to unauthorized actions like data theft or manipulation. While the firewall provides network security, it may not safeguard against these specific web application vulnerabilities. Mitigation strategies include secure coding practices, such as input validation and output encoding, as well as implementing anti-CSRF tokens and conducting regular security assessments. |
|---|
| Fonte | ⚠️ https://github.com/strik3r0x1/Vulns/blob/main/Clavister_E80-RXSS.md |
|---|
| Utilizador | Strik3r (UID 61057) |
|---|
| Submissão | 23/03/2024 17h03 (há 2 anos) |
|---|
| Moderação | 01/04/2024 19h49 (9 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 258916 [Clavister E10/E80 até 14.00.10 Misc Settings Page MiscSettings Script de Site Cruzado] |
|---|
| Pontos | 20 |
|---|