VYPR
Unrated severityNVD Advisory· Published Jul 6, 2023· Updated Nov 4, 2025

CVE-2023-24496

CVE-2023-24496

Description

Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploited through the name field of the database.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Hola/VPNllm-fuzzy
    Range: = v2.0.2
  • Milesight/MilesightVPNv5
    Range: v2.0.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.