PT-2024-14838 · Genie Company · Aladdin Connect

Deral Heiland · Published 2024-01-03 · Updated 2024-08-27 · CVE-2023-5880

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H
Name of the Vulnerable Software and Affected Versions: Genie Company Aladdin Connect garage door opener (Retrofit-Kit Model ALDCM) (affected versions not specified)

Description: When placed into configuration mode, the Genie Company Aladdin Connect garage door opener is vulnerable to XSS via a broadcast SSID name containing client-side JavaScript and/or HTML. This allows an attacker to inject malicious code into the user's web browser through the "Garage Door Control Module Setup" page.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
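The class of fix for this weakness is to treat every scanned SSID as untrusted bytes and encode it before it reaches the setup page. The following is an added example, not Genie's code: it assumes the page is generated by device firmware from Wi-Fi scan results, and `ssid_html_encode` and the sample SSID are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SSID_MAX_LEN 32 /* IEEE 802.11: an SSID is 0..32 arbitrary octets */

/* HTML-encode a raw SSID for element content or a quoted attribute value.
 * Bytes outside printable ASCII are shown as \xNN (lossy, but never markup).
 * Returns chars written (excluding NUL), or -1 on over-long input or a
 * too-small buffer; on failure `out` is emptied so nothing partial renders. */
int ssid_html_encode(const uint8_t *ssid, size_t len, char *out, size_t outsz)
{
    size_t o = 0;
    if (out == NULL || outsz == 0) return -1;
    out[0] = '\0';
    if (len > SSID_MAX_LEN || (ssid == NULL && len > 0)) return -1;
    for (size_t i = 0; i < len; i++) {
        char buf[8];
        const char *rep = buf;
        uint8_t c = ssid[i];
        switch (c) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        default:
            if (c >= 0x20 && c < 0x7f) { buf[0] = (char)c; buf[1] = '\0'; }
            else snprintf(buf, sizeof buf, "\\x%02X", (unsigned)c);
        }
        size_t n = strlen(rep);
        if (o + n >= outsz) { out[0] = '\0'; return -1; } /* keep room for NUL */
        memcpy(out + o, rep, n);
        o += n;
    }
    out[o] = '\0';
    return (int)o;
}

int main(void)
{
    const uint8_t scanned[] = "<b>A&B</b>"; /* constructed sample SSID */
    char cell[SSID_MAX_LEN * 6 + 1];        /* worst case: 6 chars per byte */
    if (ssid_html_encode(scanned, sizeof scanned - 1, cell, sizeof cell) >= 0)
        printf("<td>%s</td>\n", cell);
    return 0;
}
```

This encoding is only correct for HTML text and quoted-attribute contexts; an SSID placed inside a script block or a URL needs the encoder for that context instead.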

XSS

Weakness Enumeration

Related Identifiers: CVE-2023-5880

Affected Products: Aladdin Connect