CVE-2018-8846

Name of the Vulnerable Software and Affected Versions Philips e-Alert Unit (non-medical device) versions R2.1 and prior

Description The software does not properly neutralize user-controllable input before it is placed in output that is used as a web page, which is then served to other users.

Recommendations For versions R2.1 and prior, consider implementing input validation and sanitization to prevent malicious input from being reflected in web pages served to other users. As a temporary workaround, restrict access to the web page generation functionality until a proper fix is applied.