CVE-2021-20128

Summary

The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized.

Affected Software

VendorProductVersion RangeStatus
n/aDraytek VigorConnect1.6.0-B3affected

Weaknesses

  • Cross-site Scripting

ADP Enrichment

CVE Program Container

Additional References

References