Stored Cross Site Scripting (XSS) Vulnerability in Airangel HSMX Gateway Devices

Stored Cross Site Scripting (XSS) Vulnerability in Airangel HSMX Gateway Devices

CVE-2021-40517 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access.

Learn more about our Web Application Penetration Testing UK.