First published: Mon Feb 17 2020(Updated: )
Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Iteris Vantage Velocity Firmware | =2.4.2 | |
Iteris Vantage Velocity |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-9025.
The title of the vulnerability is 'Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script.'
The severity of CVE-2020-9025 is medium with a severity value of 6.1.
The affected software is Iteris Vantage Velocity Firmware version 2.4.2.
To fix CVE-2020-9025, it is recommended to apply the latest firmware update provided by Iteris.