Cross-Site Scripting (Persistent) Vulnerability in Thomson TCW710 ST5D.10.05

Cross-Site Scripting (Persistent) Vulnerability in Thomson TCW710 ST5D.10.05

CVE-2018-25036 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Learn more about our Cis Benchmark Audit For Server Software.