CVE-2019-6565

Name of the Vulnerable Software and Affected Versions Moxa IKS and EDS (affected versions not specified) Moxa IKS-G6824A (affected versions not specified)

Description The issue is related to the failure of Moxa IKS and EDS to properly validate user input, allowing unauthenticated and authenticated attackers to perform cross-site scripting (XSS) attacks. This can be used to send a malicious script. The vulnerability is also associated with a lack of protection for the web page structure, which can be exploited by a remote attacker to carry out an inter-site scripting attack.

Recommendations For Moxa IKS and EDS, consider implementing proper user input validation to prevent XSS attacks until a patch is available. For Moxa IKS-G6824A, restrict access to the web interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.