Описание
This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 2.1.11.0 (исключая)
cpe:2.3:a:advantech:webaccess_hmi_designer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00165
Низкий
5.4 Medium
CVSS3
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
github
больше 3 лет назад
This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.
EPSS
Процентиль: 38%
0.00165
Низкий
5.4 Medium
CVSS3
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79