CVE-2024-3125 | Zebra ZTC GK420d 1.0 Alert Setup Page /settings Address cross site scripting

Inserito da Angelo Barbosa | Apr 1, 2024 | CVE

A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. This vulnerability affects unknown code of the file /settings of the component Alert Setup Page. The manipulation of the argument Address leads to cross site scripting.

This vulnerability was named CVE-2024-3125. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-3125 | Zebra ZTC GK420d 1.0 Alert Setup Page /settings Address cross site scripting

Post correlati

CVE-2020-24102 | Punkbuster pbsv.d64 2.351 path traversal

CVE-2024-0708 | Landing Page Cat Plugin up to 1.7.2 on WordPress improper authentication

CVE-2024-4757 | Logo Manager for Enamad Plugin up to 0.7.0 on WordPress cross-site request forgery

CVE-2024-31544 | Computer Laboratory Management System 1.0 Master.php remarks/borrower_name/faculty_department cross site scripting