Vulnerabilities > Swisscom > Centro Grande Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2019-19941 | Cross-site Scripting vulnerability in Swisscom Centro Grande Firmware 6.12.02/6.14.00 Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS. | 5.4 |