Tp Link · Tp-Link Tl-Sg1016De · CVE-2024-4224
**Name of the Vulnerable Software and Affected Versions**
TP-Link TL-SG1016DE version TL-SG1016DE(UN) V7.6 1.0.0 Build 20230616
**Description**
The issue is related to an authenticated stored cross-site scripting (XSS) that could allow an adversary to run JavaScript in an administrator's browser. This is due to the lack of protection measures for the web page structure, which may enable a remote attacker to conduct cross-site scripting attacks.
**Recommendations**
For TP-Link TL-SG1016DE version TL-SG1016DE(UN) V7.6 1.0.0 Build 20230616, update to version TL-SG1016DE(UN) V7 1.0.1 Build 20240628 to resolve the issue.