CVE-2019-7419 β€” Cross-site Scripting in Samsung X7400gx Firmware

CWE-79 β€” Cross-site Scripting3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.5%
top 35.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung X7400gx Firmware
Timeline
PublishedMar 21
Latest updateMay 14

Description

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

β–ΆNVDsamsung/x7400gx_firmware6.a6.25

πŸ”΄Vulnerability Details

2
GHSA
GHSA-hmcj-3g4j-7m53: XSS exists in SAMSUNG X7400GX SyncThru Web Service V6β†—2022-05-14
β–Ά
CVEList
CVE-2019-7419: XSS exists in SAMSUNG X7400GX SyncThru Web Service V6β†—2019-03-17
β–Ά
CVE-2019-7419 β€” Cross-site Scripting in Samsung | cvebase