XSS and HTML Injection Vulnerability in Comtech H8 Heights Remote Gateway 2.5.1 Site Name Field

XSS and HTML Injection Vulnerability in Comtech H8 Heights Remote Gateway 2.5.1 Site Name Field

CVE-2019-17667 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Comtech H8 Heights Remote Gateway 2.5.1 devices allow XSS and HTML injection via the Site Name (aka SiteName) field.

Learn more about our Web Application Penetration Testing UK.