CVE-2019-25284

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary scripts in a victim's browser session.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
VulnCheckCNA
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://cxsecurity.com/issue/WLB-2019090194
https://exchange.xforce.ibmcloud.com/vulnerabilities/167864
https://packetstormsecurity.com/files/154631
https://www.vsolcn.com/
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5537.php
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5537.php