CVE-2024-4224

CVE-2024-4224: TP-Link TL-SG1016DE XSS

Vendor Tp-Link
Product TL-SG1016DE
Weakness CWE-79 · XSS
Published July 15, 2024
Last update August 1, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

An authenticated stored cross-site scripting (XSS) exists in the TP-Link TL-SG1016DE affecting version TL-SG1016DE(UN) V7.6_1.0.0 Build 20230616, which could allow an adversary to run JavaScript in an administrator's browser. This issue was fixed in TL-SG1016DE(UN) V7_1.0.1 Build 20240628.

Key dates

02Disclosure timeline

July 15, 2024 CVE published
August 1, 2024 Record updated