CVE-2017-18784

MEDIUM Year: 2017
CVSS v3 Score
5.0
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.

Related Vulnerabilities

CVE-2017-18783

MEDIUM
CVSS:5.0(Medium)

Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1....

CWE-792017

CVE-2019-1677

MEDIUM
CVSS:5.0(Medium)

A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. The vulnerability is due to insuffi...

CWE-792019

CVE-2023-5244

MEDIUM
CVSS:5.0(Medium)

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 2.0.

CWE-792023

CVE-2024-23998

MEDIUM
CVSS:5.0(Medium)

goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via src/components/Setting.vue.

CWE-792024

CVE-2024-31574

MEDIUM
CVSS:5.0(Medium)

Cross Site Scripting vulnerability in TWCMS v.2.6 allows a local attacker to execute arbitrary code via a crafted script

CWE-792024

CVE-2024-37178

MEDIUM
CVSS:5.0(Medium)

SAP Financial Consolidation does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. These endpoints are exposed over the network. The vulnerability ...

CWE-792024