XSS in Digi International One Ia
CVE-2026-12948
A stored cross-site scripting (XSS) vulnerability in the web management interface of the Digi PortServer TS, Digi One SP, Digi One SP IA, and Digi One IA allows a remote, authenticated administrator to inject script into certain system con…
Vulnerability class: XSS (Cross-Site Scripting)
Affected products
- Digi International One Ia — versions 82000747_V1
- Digi International One Sp — versions 82000747_V1
- Digi International One Sp Ia — versions 82000747_V1
- Digi International Portserver Ts — versions 82000747_V1