Vulnerabilities > Draytek > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-22 | CVE-2020-28968 | Cross-site Scripting vulnerability in Draytek products Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. | 3.5 |
| 2021-10-13 | CVE-2021-20128 | Cross-site Scripting vulnerability in Draytek Vigorconnect 1.6.0 The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized. | 3.5 |