Описание
SaTECH BCU in its firmware version 2.1.3 allows an attacker to inject malicious code into the legitimate website owning the affected device, once the cookie is set. This attack only impacts the victim's browser (reflected XSS).
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:arteche:satech_bcu_firmware:2.1.3:*:*:*:*:*:*:*
cpe:2.3:h:arteche:satech_bcu:-:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00167
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
11 месяцев назад
SaTECH BCU in its firmware version 2.1.3 allows an attacker to inject malicious code into the legitimate website owning the affected device, once the cookie is set. This attack only impacts the victim's browser (reflected XSS).
EPSS
Процентиль: 38%
0.00167
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79