Back to CVE List

CVE-2026-12948

Vulnerability Description

A stored cross-site scripting (XSS) vulnerability in the web management interface of the Digi PortServer TS, Digi One SP, Digi One SP IA, and Digi One IA allows a remote, authenticated administrator to inject script into certain system configuration fields. The script subsequently executes in the browser of a user who views the affected pages (CWE-79).

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-79
Source
NVD
Vendor
Digi International
Product
Digi PortServer TS, Digi One SP, Digi One SP IA, Digi One IA

External References

Discussion (0)

Add Comment

No comments yet. Be the first!