CVE-2022-28717— 多款MEIKYO ELECTRIC产品跨站脚本漏洞

N/A

Cross-site scripting vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, WATCH BOOT mini RPC-M4H [End of Sale] all firmware versions, WATCH BOOT nino RPC-M2CS firmware version 1.00A to 1.00D, WATCH BOOT light RPC-M5CS firmware version 1.00A to 1.00D, WATCH BOOT L-zero RPC-M4LS firmware version 1.00A to 1.20A, and Signage Rebooter RPC-M4HSi firmware version 1.00A), PoE Rebooter(PoE BOOT nino PoE8M2 firmware version 1.00A to 1.20A), Scheduler(TIME BOOT mini RSC-MT4H [End of Sale] all firmware versions, TIME BOOT RSC-MT8F [End of Sale] all firmware versions, TIME BOOT RSC-MT8FP [End of Sale] all firmware versions, TIME BOOT mini RSC-MT4HS firmware version 1.00A to 1.10A, and TIME BOOT RSC-MT8FS firmware version 1.00A to 1.00E), and Contact Converter(POSE SE10-8A7B1 firmware version 1.00A to 1.20A) allows a remote attacker with the administrative privilege to inject an arbitrary script via unspecified vectors.

N/A

N/A

多款MEIKYO ELECTRIC产品跨站脚本漏洞

MEIKYO ELECTRIC PoE BOOT nino PoE8M2和POSE SE10-8A7B1都是日本MEIKYO ELECTRIC公司的产品。PoE BOOT nino PoE8M2是一种网络远程电源控制。POSE SE10-8A7B1是一种网络远程电源控制接触转换器。 MEIKYO ELECTRIC 多款产品存在跨站脚本漏洞，该漏洞源于用户提供的数据未充分清理。远程攻击者利用该漏洞可以诱骗受害者跟踪特制链接，并在易受攻击的网站上下文中的用户浏览器中执行任意 HTML 和脚本代码。以下产品和版

N/A

N/A