Vulnerabilities > Milesight > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-05 | CVE-2023-43260 | Cross-site Scripting vulnerability in Milesight products Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. | 6.1 |
| 2023-07-06 | CVE-2023-23547 | Path Traversal vulnerability in Milesight Ur32L Firmware 32.3.0.5 A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. | 6.5 |
| 2023-07-06 | CVE-2023-24496 | Unspecified vulnerability in Milesight Milesightvpn 2.0.2 Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. | 4.7 |