CVE-2020-16246
N/A
N/A
Summary
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site and executed by the victim client.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| General Electric | Reason S20 Ethernet Switch | S2020 <= 07A06 | affected |
| General Electric | Reason S20 Ethernet Switch | S2024 <= 07A06 | affected |
Weaknesses
- CWE-79: IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.