Free Trial

XSS vulnerability in Dashboards section in Kaa IoT Platform v1.2.0

Overview :
Kaa IoT Platform version 1.2.0 suffers from a persistent cross site scripting vulnerability.
Affected Product(s) :
  • Kaa IoT Platform version 1.2.0
Vulnerability Details :
CVE ID : CVE-2020-26701
Cross-site scripting (XSS) vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter.

Solution :

This vulnerability is currently awaiting analysis.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-47480 : DELL INVENTORY COLLECTOR CLIENT UP TO 12.6.X SYMLINK

CVE-2024-47480 : DELL INVENTORY COLLECTOR CLIENT UP TO 12.6.X SYMLINK

Description Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege

Learn more
CVE-2024-49820 : IBM SECURITY GUARDIUM KEY LIFECYCLE MANAGER 4.1/4.1.1/4.2.0/4.2.1 CLEARTEXT TRANSMISSION

CVE-2024-49820 : IBM SECURITY GUARDIUM KEY LIFECYCLE MANAGER 4.1/4.1.1/4.2.0/4.2.1 CLEARTEXT TRANSMISSION

Description IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive

Learn more
CVE-2024-53144 : LINUX KERNEL UP TO 6.1.112/6.6.54/6.10.13/6.11.2 HCI_EVENT PRIVILEGE ESCALATION

CVE-2024-53144 : LINUX KERNEL UP TO 6.1.112/6.6.54/6.10.13/6.11.2 HCI_EVENT PRIVILEGE ESCALATION

Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This

Learn more