CVE-2015-3976

CVE-2015-3976: GE Multilink Cross-site Scripting

Vendor Ge

Product Multilink ML800/1200/1600/2400

Weakness CWE-79 · XSS

Published August 28, 2017

Last update November 4, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Cross-site scripting (XSS) vulnerability in GE Multilink ML810/3000/3100 series switch 5.2.0 and earlier, and GE Multilink ML800/1200/1600/2400 4.2.1 and earlier.

Key dates

02Disclosure timeline

August 28, 2017 CVE published

November 4, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2015-3976

Related vulnerabilities

04Related CVE

CVE-2022-0892 Export All URLs < 4.2 - Reflected Cross-Site Scripting CVE-2025-0314 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab CVE-2026-40112 PraisonAI has Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency) CVE-2024-1987 WP-Members Membership Plugin <= 3.4.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-40330 WordPress GD Security Headers Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)

Identifiers

CVE CVE-2015-3976

CWE CWE-79

Affected versions

Vendor Ge

Product Multilink ML800/1200/1600/2400

Affected ≤ 4.2.1

Vendor Ge

Product ML810/3000/3100 series switch

Affected ≤ 5.2.0