CVE-2020-12256

Posted on 2020년 5월 19일2020년 5월 19일 by admin

CVE-2020-12256

rConfig 3.9.4 is vulnerable to reflected XSS. The devicemgmnt.php file improperly validates user input. An attacker can exploit this by crafting arbitrary JavaScript in the deviceId GET parameter to devicemgmnt.php.

Source: CVE-2020-12256

답글 남기기 응답 취소