CVE-2015-6466
Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field.
Date published : 2015-09-11
http://www.moxa.com/support/download.aspx?type=support&id=328