Описание
On an instance of TwinCAT 3 HMI Server running on a device an authenticated administrator can inject arbitrary content into the custom CSS field which is persisted on the device and later returned via the login page and error page.
EPSS
Процентиль: 10%
0.00035
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.5
github
19 дней назад
On an instance of TwinCAT 3 HMI Server running on a device an authenticated administrator can inject arbitrary content into the custom CSS field which is persisted on the device and later returned via the login page and error page.
EPSS
Процентиль: 10%
0.00035
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-79