Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-100343
HistoryDec 12, 2021 - 12:00 a.m.

Gryphon Tower Cross-Site Scripting Vulnerability

2021-12-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
gryphon tower
cross-site scripting
vulnerability
wireless router
javascript code
exploited
user-supplied data
output data validation filtering
url parameter

EPSS

0.236

Percentile

96.7%

A cross-site scripting vulnerability exists in Gryphon Tower, a wireless router from Gryphon. The vulnerability stems from a lack of user-supplied data and output data validation filtering in the url parameter of cgi-bin/luci/site_access/, which can be exploited to execute client-side JavaScript code.

EPSS

0.236

Percentile

96.7%

Related for CNVD-2021-100343