CVE-2016-1136

Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:kddi:home_spot_cube_firmware:2.0:*:*:*:*:*:*:*
cpe:2.3:h:kddi:home_spot_cube:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-01-30 15:59

Updated : 2024-02-04 18:53


NVD link : CVE-2016-1136

Mitre link : CVE-2016-1136

CVE.ORG link : CVE-2016-1136


JSON object : View

Products Affected

kddi

  • home_spot_cube
  • home_spot_cube_firmware
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')