admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-19 01:00:31 +00:00
parent 2663a31436
commit 79196a5727
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2025/25xxx/CVE-2025-25427.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A Stored cross-site scripting (XSS) vulnerability in upnp page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 <= Build 231119 Rel.67074n allows adjacent attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload when the upnp page is loaded."
"value": "A stored cross-site scripting (XSS) vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 <= Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload when the upnp page is loaded."
}
]
},
@ -42,7 +42,7 @@
{
"version_affected": "<=",
"version_name": "0",
"version_value": "Build 231119 Rel.67074n"
"version_value": "Build 241230 Rel. 50788n"
}
]
}