CVE-2019-5286

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.1%
top 68.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Hedex Lite
Timeline
PublishedJun 13
Latest updateMay 24

Description

There is a reflection XSS vulnerability in the HedEx products. Remote attackers send malicious links to users and trick users to click. Successfully exploit cloud allow the attacker to initiate XSS attacks. Affects HedEx Lite versions earlier than V200R006C00SPC007.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

NVDhuawei/hedex_lite< v200r006c00spc007
CVEListV5hedex_liteVersions earlier than V200R006C00SPC007

🔴Vulnerability Details

2
GHSA
GHSA-22v6-vh64-279g: There is a reflection XSS vulnerability in the HedEx products2022-05-24
CVEList
CVE-2019-5286: There is a reflection XSS vulnerability in the HedEx products2019-06-13