Stored XSS Vulnerability in 1734-AENTR Communication Module's Web Interface

Stored XSS Vulnerability in 1734-AENTR Communication Module's Web Interface

CVE-2020-14502 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface.

Learn more about our Web App Pen Testing.