CVE-2015-7242

N/A

Beschreibung

Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.

CVE Details

CVSS v3.1 BewertungN/A

Veroffentlicht1/12/2016

Zuletzt geandert4/12/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

avm:fritz\!_os

Schwachen (CWE)

CWE-79

Referenzen

http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt(cve@mitre.org)

http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html(cve@mitre.org)

http://www.securityfocus.com/archive/1/537249/100/0/threaded(cve@mitre.org)

https://avm.de/service/sicherheitsinfos-zu-updates/(cve@mitre.org)

http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt(af854a3a-2127-422b-91ae-364da2661108)

http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/archive/1/537249/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)

https://avm.de/service/sicherheitsinfos-zu-updates/(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.