Medium severity5.4NVD Advisory· Published May 18, 2020· Updated Jun 17, 2026
CVE-2020-12259
CVE-2020-12259
Description
rConfig 3.9.4 is vulnerable to reflected XSS. The configDevice.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the rid GET parameter of devicemgmnt.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- rConfig/rConfigdescription
Patches
Vulnerability mechanics
References
1- gist.github.com/farid007/8855031bad0e497264e4879efb5bc9f8nvdThird Party Advisory
News mentions
0No linked articles in our index yet.