PT-2024-5357 · Tp Link · Tp-Link Tl-Sg1016De
73X45!!!!!
+1
·
Published
2024-07-15
·
Updated
2024-08-01
·
CVE-2024-4224
CVSS v2.0
5.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
TP-Link TL-SG1016DE version TL-SG1016DE(UN) V7.6 1.0.0 Build 20230616
Description
The issue is related to an authenticated stored cross-site scripting (XSS) that could allow an adversary to run JavaScript in an administrator's browser. This is due to the lack of protection measures for the web page structure, which may enable a remote attacker to conduct cross-site scripting attacks.
Recommendations
For TP-Link TL-SG1016DE version TL-SG1016DE(UN) V7.6 1.0.0 Build 20230616, update to version TL-SG1016DE(UN) V7 1.0.1 Build 20240628 to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tp-Link Tl-Sg1016De