Vulnerabilities > Racom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-16 | CVE-2021-20071 | Cross-site Scripting vulnerability in Racom M!Dge Firmware 4.4.40.105 Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs. | 4.8 |
| 2021-02-16 | CVE-2021-20070 | Cross-site Scripting vulnerability in Racom M!Dge Firmware 4.4.40.105 Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs. | 4.8 |
| 2021-02-16 | CVE-2021-20069 | Cross-site Scripting vulnerability in Racom M!Dge Firmware 4.4.40.105 Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs. | 4.8 |
| 2021-02-16 | CVE-2021-20068 | Cross-site Scripting vulnerability in Racom M!Dge Firmware 4.4.40.105 Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages. | 4.8 |
| 2021-02-16 | CVE-2021-20067 | Missing Authentication for Critical Function vulnerability in Racom M!Dge Firmware 4.4.40.105 Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication. | 5.3 |