← back
CVE-2024-6516

Cross Site Scripting XSS

CVSS 9.3 CRITICALEPSS 1.1%CWE-79
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:L/U:Red
Affected products
ABB · ASPECT-EnterpriseABB · MATRIX SeriesABB · NEXUS Series
public PoCs found3
exploitdbwww.exploit-db.com/exploits/52217unverifiedexploitdbwww.exploit-db.com/exploits/52214unverifiedexploitdbwww.exploit-db.com/exploits/52215unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch