Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2020-16246

UNKNOWN
Published 2020-10-20T15:00:40.583062Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2020-16246. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site and executed by the victim client.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

General Electric

Reason S20 Ethernet Switch

Affected Versions:

S2020 S2024

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-6c46-9x5g-g2vg

Advisory Details

The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site and executed by the victim client.

CVSS Scoring

CVSS Score

5.0

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-16246
WEB https://us-cert.cisa.gov/ics/advisories/icsa-20-266-02

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-266-02
Published: 2020-10-20T15:00:40.583062Z
Last Modified: 2024-09-17T00:47:00.232Z
Copied to clipboard!