How severe is CVE-2019-20756?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2019-20756?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2019-20756

HIGH Year: 2019

CVSS v3 Score

7.1

High

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-79

View all →

Vulnerability Description

Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52.

CVE-2014-6447

HIGH

CVSS:7.1(High)

Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 1...

CWE-792014

CVE-2017-3557

HIGH

CVSS:7.1(High)

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6...

CWE-792017

CVE-2018-15633

HIGH

CVSS:7.1(High)

Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of ...

CWE-792018

CVE-2018-15634

HIGH

CVSS:7.1(High)

Cross-site scripting (XSS) issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browser...

CWE-792018

CVE-2018-15638

HIGH

CVSS:7.1(High)

Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a vict...

CWE-792018

CVE-2019-14863

HIGH

CVSS:7.1(High)

There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted d...

CWE-792019

CVE-2019-20756

Vulnerability Description

Related Vulnerabilities

CVE-2014-6447

CVE-2017-3557

CVE-2018-15633

CVE-2018-15634

CVE-2018-15638

CVE-2019-14863