HarborGuard / CVE
Back to search
HIGHCVE-2026-42366Published Modified CNA GV

CVE-2026-42366: GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi reflected cross-site scripting (XSS) vulnerabilities

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.

Metrics

CVSS v3.1
7.4
Severity
HIGH
Fixed in
V1.20
Affected Products
1

Fix available

V1.20
Affected packages
  • GeoVision Inc. / GV-LPC2011/LPC2211
    V1.10
    Fixed in V1.20
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
References
CVE-2026-42366: GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi reflected cross-site scripting (XSS) vulnerabilities | HarborGuard CVE