Vulnerabilities > CVE-2023-34360 - Unspecified vulnerability in Asus Rt-Ax88U Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code.