CISA has published an advisory on a cross-site scripting vulnerability in HMS Networks eWON Flexy and Cosy. For both products, all firmware versions prior to 14.1s0 are affected. Successful exploitation of this vulnerability could initiate a password change. HMS Networks recommends users update to latest firmware, Version 14.1s0. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
Early bird registration for H2OSecCon 2024 is now open! - REGISTER HERE