XSS Vulnerability in TP-Link USB Network Server Products
CVE-2020-15056
4.3MEDIUM
What is CVE-2020-15056?
The TP-Link USB Network Server TL-PS310U devices prior to version 2.079.000.t0210 are susceptible to Cross-Site Scripting (XSS) vulnerabilities. Attackers connected to the same network can exploit this weakness by setting a maliciously crafted server name, which can lead to persistent XSS attacks. This vulnerability allows unauthorized users to execute arbitrary scripts in the context of the user's browser, potentially compromising sensitive information and user session. It is crucial for administrators to apply the necessary updates to mitigate such risks.