Cross-Site Scripting (XSS) Vulnerability in Digital Alert Systems DASDEC Software via Host Header

Cross-Site Scripting (XSS) Vulnerability in Digital Alert Systems DASDEC Software via Host Header

CVE-2022-40204 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A cross-site scripting (XSS) vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login.

Learn more about our Web Application Penetration Testing UK.