The NETGEAR SRX5308 is a VPN firewall appliance from NETGEAR. The NETGEAR SRX5308 suffers from a cross-site scripting vulnerability that originates from incorrect manipulation of the parameter smtpServer.toAddr. The vulnerability can be exploited by an attacker to obtain sensitive information such as user cookies.