CVE-2019-6968

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

6.1MEDIUM

EPSS

0.2%

top 51.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dlink Dva-5592 Firmware

Timeline

PublishedAug 2

Latest updateMay 24

Description

The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

▶NVDdlink/dva-5592_firmware20180823

🔴Vulnerability Details

GHSA

GHSA-9ch3-p8h2-62mj: The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected↗2022-05-24

▶

CVEList

CVE-2019-6968: The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected↗2019-08-02

▶