GHSA-w92v-v6pq-mwmx

Опубликовано: 11 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product

A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product

Ссылки

EPSS

Процентиль: 31%

0.0012

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2023-29024

Дефекты

CWE-20

CWE-79

Связанные уязвимости

CVE-2023-29024

CVSS3: 5.5

nvd

больше 2 лет назад

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.

BDU:2023-02776

CVSS3: 6.5

fstec

больше 2 лет назад

Уязвимость микропрограммного обеспечения распределенных контроллеров Rockwell Automation ArmorStart ST, связанная с недостатками проверки вводимых пользователем данных, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)

EPSS

Процентиль: 31%

0.0012

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2023-29024

Дефекты

CWE-20

CWE-79