Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
(CWE-79)
Summary
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).