Stored Cross-Site Scripting (XSS) Vulnerability in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition Module 1.05

Stored Cross-Site Scripting (XSS) Vulnerability in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition Module 1.05

CVE-2018-18882 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

A stored cross-site scripting (XSS) issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can inject arbitrary script via setup.html in the web interface.

Learn more about our Web App Pen Testing.