4.3
CVSSv2

CVE-2018-11689

Published: 14/06/2018 Updated: 29/04/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Smart Viewer in Samsung Web Viewer for Samsung DVR is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

Vulnerability Trend

Affected Products

Vendor Product Versions
SamsungSmartviewer-

Mailing Lists

Samsung Web Viewer for Samsung DVR suffers from a cross site scripting vulnerability ...
I VULNERABILITY ------------------------- Samsung Web Viewer for Samsung DVR Reflected Cross Site Scripting (XSS) II CVE REFERENCE ------------------------- CVE-2018-11689 III REFERENCES ------------------------- vulmoncom/vulnerabilitydetails?qid=CVE-2018-11689 IV CREDIT ------------------------- Yavuz Atlas - Biznet Bilisim http:/ ...

Github Repositories

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :