Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.
- http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt
- http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html
No PoCs found on GitHub currently.