cvedb.io
CVE-2024-3776
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2024-04-15T04:15:16.340 · Last modified 2026-06-17T07:45:00.250

Summary

The parameter used in the login page of Netvision airPASS is not properly filtered for user input. An unauthenticated remote attacker can insert JavaScript code to the parameter for Reflected Cross-site scripting attacks.

Affected products

netvision — airpass

Does this affect you?

Add your gear to cvedb and we'll alert you only when netvision ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.