Stored Cross Site Scripting (XSS) Vulnerability in Airangel HSMX Gateway Devices
CVE-2021-40517 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access.
Learn more about our Web Application Penetration Testing UK.