We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | mitre |
Reserved | 2022-04-08 |
Published | 2023-07-24 |
Updated | 2024-10-24 |
An issue was discovered in Nokia NetAct 22 through the Site Configuration Tool website section. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. Here, the /netact/sct filename parameter is used.
https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html
https://www.gruppotim.it/it/footer/red-team.html