Reolink Cross-Site Scripting Vulnerability in valuateJavascript() Function
Vulnerability
A cross-site scripting vulnerability has been identified in Reolink version 4.54.0.4.20250526. The issue arises in the valuateJavascript() function, where attackers can execute arbitrary web scripts or HTML by injecting a crafted payload.
Impact
Exploitation of this vulnerability allows for cross-site scripting, where an attacker can inject and execute malicious scripts in the context of the user's browser.
Added: Aug 22, 2025, 5:46 PM
Updated: Aug 22, 2025, 6:43 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
1.7exploitability
6.4remediation
0.0relevance
0.4threat
0.0urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.