CVE-2022-48192

Опубликовано: 06 нояб. 2023

Источник: nvd

CVSS3: 7.2

CVSS3: 6.1

EPSS Низкий

Описание

Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application.

Ссылки

https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.html
Third Party Advisory
https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.json
Third Party Advisory
https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.html
Third Party Advisory
https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.json
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:softing:smartlink_sw-ht:*:*:*:*:*:*:*:*

Версия до 1.30 (исключая)

EPSS

Процентиль: 20%

0.00065

Низкий

7.2 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-426h-v87f-gxvw

CVSS3: 7.2

github

больше 2 лет назад

Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application.

EPSS

Процентиль: 20%

0.00065

Низкий

7.2 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79