Authenticated Stored Cross-Site Scripting in JM-DATA ONU JF511-TV
CVE-2022-50801

5.1MEDIUM

Key Information:

Vendor

Jm-data Onu

Status
Jf511-tv
Vendor
CVE Published:
30 December 2025

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2022-50801?

The JM-DATA ONU JF511-TV version 1.0.67 is susceptible to a vulnerability that allows an authenticated user to execute scripts on the browsers of other users. This type of attack enables potential attackers to inject malicious content, which executes when victims view affected resources. Such vulnerabilities can lead to significant security concerns, including data theft and unauthorized access to sensitive information.

Affected Version(s)

JF511-TV 1.0.67

JF511-TV 1.0.62

JF511-TV 1.0.55

References

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-57...
third-party-advisory
https://packetstormsecurity.com/files/167487/
exploit
https://cxsecurity.com/issue/WLB-2022060058
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Neurogenesia
JSON
.
CVE-2022-50801 : Authenticated Stored Cross-Site Scripting in JM-DATA ONU JF511-TV