| Title | Sapido Sapido RB-1802 Ver1.0.32 Cross Site Scripting |
|---|
| Description | In the urlfilter.asp file, an unrestricted Cross-Site Scripting (XSS) vulnerability and injection attacks exist in the SAPIDO Router RB-1802, specifically targeting the URL parameter. The function executes the user-supplied input without validation. Malicious attackers can leverage this vulnerability to steal session cookies.
script: <img/src/onerror=prompt(8)> |
|---|
| Source | ⚠️ http://x.x.x.x/home.asp |
|---|
| User | Havook (UID 71104) |
|---|
| Submission | 07/12/2025 09:18 (11 months ago) |
|---|
| Moderation | 07/12/2025 20:47 (11 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 316252 [Sapido RB-1802 1.0.32 URL Filtering Page urlfilter.asp URL address cross site scripting] |
|---|
| Points | 16 |
|---|