Vulnerabilities > GE > S2024 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-10-20 CVE-2020-16246 Unspecified vulnerability in GE S2020 Firmware and S2024 Firmware
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site and executed by the victim client.
network
low complexity
ge
6.1
2020-09-25 CVE-2020-16242 Unspecified vulnerability in GE S2020 Firmware and S2024 Firmware
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts.
network
low complexity
ge
6.1