exploitDog

CVE-2022-41651

Опубликовано: 27 окт. 2022

Источник: nvd

CVSS3: 8.7

CVSS3: 5.4

EPSS Низкий

Описание

The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the SetPF API.

Ссылки

https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06
Mitigation
Third Party Advisory
US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06
Mitigation
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:deltaww:diaenergie:*:*:*:*:*:*:*:*

Версия до 1.9.01.002 (исключая)

EPSS

Процентиль: 65%

0.00488

Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-5qgj-73pm-mvf2

CVSS3: 5.4

github

больше 3 лет назад

The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the SetPF API.

EPSS

Процентиль: 65%

0.00488

Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79