CVE-2020-27262

CVE-2020-27262

Vendor N/A
Product Innokas Yhtymä Oy Vital Signs Monitor VC150
Weakness CWE-79 · XSS
Published January 8, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 A stored cross-site scripting (XSS) vulnerability exists in the affected products that allow an attacker to inject arbitrary web script or HTML via the filename parameter to multiple update endpoints of the administrative web interface.

Key dates

02Disclosure timeline

January 8, 2021 CVE published
August 4, 2024 Record updated