Medium severity5.4NVD Advisory· Published Dec 16, 2020· Updated Jun 17, 2026
CVE-2019-14478
CVE-2019-14478
Description
AdRem NetCrunch 10.6.0.4587 has a stored Cross-Site Scripting (XSS) vulnerability in the NetCrunch web client. The user's input data is not properly encoded when being echoed back to the user. This data can be interpreted as executable code by the browser and allows an attacker to execute JavaScript code in the context of the user's browser if the victim opens or searches for a node whose "Display Name" contains an XSS payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- AdRem/NetCrunchdescription
Patches
Vulnerability mechanics
References
2- compass-security.com/fileadmin/Research/Advisories/2020-12_CSNC-2019-013_AdRem_NetCrunch_Cross-Site_Scripting_XSS.txtnvdExploitThird Party Advisory
- www.adremsoft.com/support/nvdVendor Advisory
News mentions
0No linked articles in our index yet.