PT-2026-7923 · Heatmiser · Netmonitor
Ismail Tasdelen
·
Publicado
2026-02-12
·
Atualizado
2026-02-12
·
CVE-2019-25323
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Heatmiser Netmonitor version 3.03
Description
The software contains an HTML injection issue in the outputSetup.htm page. Attackers can inject malicious HTML code through the
outputtitle parameter by sending specially crafted POST requests. This allows for the execution of arbitrary HTML and potential manipulation of the web interface's displayed content. The vulnerable parameter is outputtitle.Recommendations
Apply a fix to sanitize the
outputtitle parameter to prevent the injection of malicious HTML code.Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Netmonitor