MidnightBSD

Advisories for promise

CVE-2018-6603 MEDIUM

Promise Technology WebPam Pro-E devices allow remote attackers to conduct XSS, HTTP Response Splitting, and CRLF Injection attacks via JavaScript code in a PHPSESSID cookie.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,CWE-79,

Products Affected

Vendor Product Version
promise webpam_proe -