Vulnerabilities > GE > S2020 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-10-20 CVE-2020-16246 Unspecified vulnerability in GE S2020 Firmware and S2024 Firmware
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site and executed by the victim client.
network
low complexity
ge
6.1
2020-09-25 CVE-2020-16242 Unspecified vulnerability in GE S2020 Firmware and S2024 Firmware
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts.
network
low complexity
ge
6.1
2019-12-18 CVE-2019-18267 Cross-site Scripting vulnerability in GE S2020 Firmware and S2020G Firmware
An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior.
network
low complexity
ge CWE-79
5.4