John Osborn

**Name of the Vulnerable Software and Affected Versions** MT Safeline X-Ray X3310 webserver version NXG 19.05 **Description** A reflected cross-site scripting (XSS) vulnerability exists, enabling a remote attacker to execute JavaScript code and obtain sensitive information in a victim's browser. Additionally, an HTML injection issue allows a remote attacker to render malicious HTML and obtain sensitive information in a victim's browser. **Recommendations** For MT Safeline X-Ray X3310 webserver version NXG 19.05, consider disabling the web interface or restricting access to it until a patch is available. Avoid using the webserver for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MT Safeline X-Ray X3310 webserver version NXG 19.05 **Description** An HTML injection issue exists that allows a remote attacker to render malicious HTML, potentially obtaining sensitive information in a victim's browser. **Recommendations** For MT Safeline X-Ray X3310 webserver version NXG 19.05, consider disabling access to the web interface until a patch is available to prevent exploitation of the HTML injection issue. Restrict access to sensitive information to minimize the risk of unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.