Unrated severityNVD Advisory· Published Mar 4, 2026· Updated Mar 5, 2026
Reflected XSS in IDC_Logging Index endpoint
CVE-2026-28772
Description
A Reflected Cross-Site Scripting (XSS) vulnerability in the /IDC_Logging/index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 allows a remote attacker to execute arbitrary web scripts or HTML. The vulnerability is triggered by sending a crafted payload through the submitType parameter, which is reflected directly into the DOM without proper escaping.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 101
- International Datacasting Corporation (IDC)/SFX Series SuperFlex SatelliteReceiver Web Management Interfacev5Range: 101
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.