← voltar
CVE-2023-6333

Cross-site Scripting in ControlByWeb Relays

CVSS 7.5 HIGHEPSS 0.4%CWE-79
The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L
Produtos afetados
ControlByWeb · X-301-24IControlByWeb · X-301-IControlByWeb · X-332-24I

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.cisa.gov/news-events/ics-advisories/icsa-23-341-05