Description
Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Silent Dream · textremotehardware
https://www.exploit-db.com/exploits/36429
References (1)
Core 1
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/796883
Scores
EPSS
0.0106
EPSS Percentile
77.7%
Details
CWE
CWE-79
Status
published
Products (1)
homeseer/homeseer_hs2
2.5.0.20
Published
Dec 15, 2011
Tracked Since
Feb 18, 2026