Vulnerabilities > CVE-2020-16246 - Unspecified vulnerability in GE S2020 Firmware and S2024 Firmware

047910
CVSS 6.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
ge

Summary

The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site and executed by the victim client.

Vulnerable Configurations

Part Description Count
OS
Ge
3
Hardware
Ge
2