PT-2026-6736 · Lolypop55 · Html5 Snmp

Cakes

Publicado

2026-02-06

Atualizado

2026-03-02

CVE-2019-25294

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions html5 snmp version 1.11

Description The software contains a persistent cross-site scripting issue. An attacker can inject malicious scripts through the Remark parameter in the add router operation.php file. By crafting a POST request with a script payload in the Remark field, an attacker can execute arbitrary JavaScript in the browsers of those who view the page. The vulnerable parameter is Remark. The affected file is add router operation.php.

Recommendations Apply a fix to the add router operation.php file to sanitize the Remark parameter and prevent the injection of malicious scripts.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2019-25294

Produtos afetados

Html5 Snmp

PT-2026-6736 · Lolypop55 · Html5 Snmp

CVE-2019-25294

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5