CVE-2022-50801

Summary

JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to authenticated stored cross-site scripting (XSS) attacks, allowing attackers with authenticated access to inject malicious scripts that will be executed in other users' browsers when they view the affected content.

Affected Software

VendorProductVersion RangeStatus
JM-DATA ONUJF511-TV1.0.67affected
JM-DATA ONUJF511-TV1.0.62affected
JM-DATA ONUJF511-TV1.0.55affected

Weaknesses

  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References