National Rail Enquiries CVEs and Security Vulnerabilities

Filtered by vendor National Rail Enquiries Subscriptions

Switch to Advanced Search (Beta)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-2011	1 National Rail Enquiries	1 National Rail Enquiries Live Departure Boards	2024-11-21	N/A
Cross-site scripting (XSS) vulnerability in the National Rail Enquiries Live Departure Boards gadget before 1.1 allows remote National Rail Enquiries servers or man-in-the-middle attackers to inject arbitrary web script or HTML, and execute arbitrary code, via a response body, as demonstrated by a SCRIPT element that references a vbscript: URI.

Page 1 of 1.