CVE-2009-3562

NONE

—CVSS v3

2.6CVSS v2

0.85% EPSS (exploit probability)

CWE-79CWE

Description

Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action.

Affected routers (1)

Vendor	Model	Matched via	Affected versions	Fixed in	Patch?
Ubiquiti	Ubiquiti EdgeRouter 4	`—`	—	—	No

External references

NIST NVD
MITRE CVE