XSS Vulnerability in BrightSign Digital Signage (4k242) Device (Firmware 6.2.63 and below) via REF Parameter

XSS Vulnerability in BrightSign Digital Signage (4k242) Device (Firmware 6.2.63 and below) via REF Parameter

CVE-2017-17737 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.

Learn more about our Network Penetration Testing.