What the vulnerability does
01Description
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack.
CVSS base score
—
Key dates
02Disclosure timeline
March 17, 2021
CVE published
August 5, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-30053 Azure Migrate Cross-Site Scripting Vulnerability
CVE-2024-38678 WordPress Calendar.online / Kalender.digital – Plugin plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
CVE-2024-5220 ND Shortcodes <= 7.5 - Authenticated (Author+) Stored Cross-Site Scripting
CVE-2023-41242 WordPress Snap Pixel Plugin <= 1.5.7 is vulnerable to Cross Site Scripting (XSS)
CVE-2025-6251 Royal Elementor Addons and Templates <= 1.7.1036 - Authenticated (Contributor+) Stored Cross-Site Scripting
