XSS in Ericsson Drutt_mobile_service_delivery_platform
CVE-2015-2165
Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4.x, 5.x, and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) portal, (2) from…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.003 (52.1th percentile) — read the EPSS interpretation.
Affected products
- Ericsson Drutt_mobile_service_delivery_platform — versions 4.0, 5.0, 6.0
- N/a — versions n/a
Weakness classification (CWE)
References
- 73933 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
- cve@mitre.org (Exploit, VDB Entry, Third Party Advisory, x_refsource_MISC)