Vulnerabilities > Cobham > Satcom Sailor 250 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-03-15 CVE-2018-19391 Cross-site Scripting vulnerability in Cobham products
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persistent XSS, which could be exploited by an unauthenticated threat actor via the /index.lua?pageID=Phone%20book name field.
network
low complexity
cobham CWE-79
6.1