VULHUB ™

A remote cross-site scripting vulnerability reportedly affects the Web-administration interface of the ZyXEL B-240 Wireless Ethernet Adapter. This issue is due to a failure of the application to properly sanitize URI input prior to including it in dymanic content. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the Web administration page. This may facilitate theft of cookie-based authentication credentials as well as other attacks. Apparently denial of service attacks are possible as well.

A remote cross-site scripting vulnerability reportedly affects the Web-administration interface of the ZyXEL B-240 Wireless Ethernet Adapter. This issue is due to a failure of the application to properly sanitize URI input prior to including it in dymanic content. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the Web administration page. This may facilitate theft of cookie-based authentication credentials as well as other attacks. Apparently denial of service attacks are possible as well.