Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-4713.
References
Link | Resource |
---|---|
http://www.ioplaza.jp/shop/contents/rdiskmanual.aspx | Patch Vendor Advisory |
https://jvn.jp/en/jp/JVN74608669/index.html | VDB Entry Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2017-04-13T17:00:00
Updated: 2017-04-13T16:57:01
Reserved: 2014-05-27T00:00:00
Link: CVE-2014-3887
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-04-13T17:59:00.277
Modified: 2017-04-20T16:16:38.160
Link: CVE-2014-3887
JSON object: View
Redhat Information
No data.
CWE