CVE-2019-7420 — Cross-site Scripting in Samsung X7400gx Firmware

CWE-79 — Cross-site Scripting3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.5%
top 35.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung X7400gx Firmware
Timeline
PublishedMar 21
Latest updateMay 14

Description

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

â–¶NVDsamsung/x7400gx_firmware6.a6.25

🔴Vulnerability Details

2
GHSA
GHSA-v496-5688-5jwg: XSS exists in SAMSUNG X7400GX SyncThru Web Service V6↗2022-05-14
â–¶
CVEList
CVE-2019-7420: XSS exists in SAMSUNG X7400GX SyncThru Web Service V6↗2019-03-17
â–¶
CVE-2019-7420 — Cross-site Scripting in Samsung | cvebase