CNNVD-202602-2182 Information

CNNVD ID

CNNVD-202602-2182

Related CVE

CVE-2019-25323

• CNNVD Published: 2026-02-12

Description (Chinese)

Heatmiser Netmonitor是Heatmiser公司的一个恒温系统控制器。 Heatmiser Netmonitor v3.03版本存在跨站脚本漏洞，该漏洞源于outputSetup.htm页面中outputtitle参数存在HTML注入，可能导致执行任意HTML。

Description (English)

Heatmiser Netmontor is a thermostat controller for Heatmiser. Hotmiser Netmonitor v3.03 has a cross-site script loophole, which originates from the HTML injection of unputSetup.htm outputitle parameters on the page, which may lead to the execution of any HTML.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Heatmiser

Published

2026-02-12

Last Modified

2026-02-24

References

https://www.heatmiser.com/en/ https://web.archive.org/web/20190724160628/ https://www.exploit-db.com/exploits/47828 https://www.vulncheck.com/advisories/heatmiser-netmonitor-html-injection https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf