Medium severity5.4NVD Advisory· Published May 18, 2020· Updated Jun 17, 2026
CVE-2020-12256
CVE-2020-12256
Description
rConfig 3.9.4 is vulnerable to reflected XSS. The devicemgmnt.php file improperly validates user input. An attacker can exploit this by crafting arbitrary JavaScript in the deviceId GET parameter to devicemgmnt.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- rConfig/rConfigdescription
Patches
Vulnerability mechanics
References
1- gist.github.com/farid007/8855031bad0e497264e4879efb5bc9f8nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.