Osprey Pump Controller version 1.01 inputs passed to a GET parameter are not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
propumpservice osprey_pump_controller_firmware 1.01 |
Vulmon