2021-10-13 18:15:00 2021-10-19 20:34:00

The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized.

Vector

NETWORK

Complexity

MEDIUM

Authentication

SINGLE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE