漏洞描述
此漏洞存在于device_graph_page.php脚本中,该脚本是Advantech R-SeeNet 应用程序的一部分。攻击者特制的 URL和受害者访问的 URL 可能导致任意 JavaScript 代码执行。
Advantech R-SeeNet存在xss漏洞(CVE-2021-21801)
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-21799: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
- POC CVE-2021-21800: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
- POC CVE-2021-21801: Advantech R-SeeNet - Cross-Site Scripting
- POC CVE-2021-21802: Advantech R-SeeNet - Cross-Site Scripting
- POC CVE-2021-21803: Advantech R-SeeNet - Cross-Site Scripting
- POC CVE-2021-21805: Advantech R-SeeNet 2.4.12 - OS Command Injection
- POC rseenet-default-password: Advantech R-SeeNet Default Login
- POC rseenet-default-login: Advantech R-SeeNet Default Login
- Advantech iView CVE-2022-2136 SQL 注入漏洞
- Advantech iView NetworkServlet 命令注入漏洞
- Advantech iView CVE-2022-2138 拒绝服务漏洞
- Advantech iView ConfigurationServlet SQL注入漏洞
- Advantech iView CVE-2022-2139 目录遍历漏洞