Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-xhjj-qrrg-5524

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE
View on GitHub

Advisory Details

GE UR firmware versions prior to version 8.1x supports web interface with read-only access. The device fails to properly validate user input, making it possible to perform cross-site scripting attacks, which may be used to send a malicious script. Also, UR Firmware web server does not perform HTML encoding of user-supplied strings.

Related CVEs

CVE-2021-27418

Key Information

GHSA ID
GHSA-xhjj-qrrg-5524
Published
March 24, 2022 12:00 AM
Last Modified
April 2, 2022 12:00 AM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 5, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.