Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP requests and perform unauthorized actions such as stealing internal information and performing actions in context of an authenticated user.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:NFresenius Kabi Agilia Connect
HWFresenius-Kabiwszystkie wersjeFresenius Kabi Agilia Connect Firmware
OSFresenius-Kabiβ€ d25Fresenius Kabi Agilia Partner Maintenance Software
APPFresenius-Kabiβ€ 3.3.0Fresenius Kabi Link\+ Agilia
HWFresenius-Kabiwszystkie wersjeFresenius Kabi Link\+ Agilia Firmware
OSFresenius-Kabi3.0< 3.0Fresenius Kabi Vigilant Centerium
APPFresenius-Kabi1.0Fresenius Kabi Vigilant Insight
APPFresenius-Kabi1.0Fresenius Kabi Vigilant Mastermed
APPFresenius-Kabi1.0
Related vulnerabilities
The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms ex...
Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication i...
Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted d...
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to be validated...
Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Li...