CVE-2023-24709
Published
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters.
In Paradox Security System IPR512 web panel, an unauthenticated user can input JavaScript string, such as </script> that will overwrite configurations in the file "login.xml" and cause the login form to crash and make it unavailable.
GitHub