CVE-2018-15699
N/A
N/A
Summary
ASUSTOR Data Master 3.1.5 and below makes an HTTP request for a configuration file that is vulnerable to XSS. A man in the middle can take advantage of this by inserting Javascript into the configuration files Version field.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Tenable | ASUSTOR Data Master | 3.1.5 and below | affected |
Weaknesses
- Cross Site Scripting
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.