exploitDog

GHSA-rc73-rxx3-qqfc

Опубликовано: 06 июл. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials.

SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials.

Ссылки

EPSS

Процентиль: 45%

0.00226

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-40190

CVSS3: 8.8

nvd

больше 3 лет назад

SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials.

EPSS

Процентиль: 45%

0.00226

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79