Vulnerability CVE-2023-25018


Published: 2023-03-27

Description:
RIFARTEK IOT Wall transportation function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can inject JavaScript to perform reflected XSS (Reflected Cross-site scripting) attack.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://www.twcert.org.tw/tw/cp-132-6963-7d2ee-1.html

Copyright 2026, cxsecurity.com

 

Back to Top