Cross-Site Scripting Vulnerability in ZyWALL 10 Web Interface
CVE-2004-1789

Currently unrated

Key Information:

Vendor: Zyxel
Status: Zywall10
Vendor: CVE Published:; 31 December 2004

Summary

The web management interface of ZyWALL 10 version 4.07 contains a Cross-Site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML through the rpAuth_1 page. This flaw can potentially be exploited to execute malicious scripts in the context of users accessing the management interface, leading to unauthorized actions and compromised user data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/14163

vdb-entryx_refsource_XF

http://securitytracker.com/id?1008644

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/9373

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
May 4, 2005
Vulnerability published
Dec 31, 2004