Reflected Cross-Site Scripting Vulnerability in Cedar Gate EZ-NET Portal 6.5.5 6.8.0

Reflected Cross-Site Scripting Vulnerability in Cedar Gate EZ-NET Portal 6.5.5 6.8.0

CVE-2022-23397 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no clear steps of reproduction."

Learn more about our User Device Pen Test.