CVE-2019-14928

An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. A number of stored cross-site script (XSS) vulnerabilities allow an attacker to inject malicious code directly into the application. An example input variable vulnerable to stored XSS is SerialInitialModemString in the index.php page.
References
Link Resource
https://www.mogozobo.com/ Third Party Advisory
https://www.mogozobo.com/?p=3593 Exploit Third Party Advisory
Configurations

Configuration 1


Information

Published : 2019-10-28 01:15

Updated : 2019-10-30 05:57


NVD link : CVE-2019-14928

Mitre link : CVE-2019-14928

Products Affected
CWE