Ericsson Enterprise Wireless

CPSEC-16: XSS Vulnerability on Cradlepoint Website

2019-01-08 14:23:11

Summary: Reflected Cross Site Scripting (XSS) Vulnerability. Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. Identified by third party researcher Ketan Madhukar Mukane.

Mitigation: Remove the vulnerable page from the Cradlepoint website; no Advisory issued. For more information or instructions on these mitigation steps, consult the Cradlepoint Knowledgebase or contact Cradlepoint Support.

Cradlepoint Support