A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability that could cause a vulnerability leading to a cross site scripting condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a page containing the injected payload.
2023-11-15T04:15:19.700
2024-11-21T08:42:55.697
Modified
CVSSv3.1: 6.1 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | schneider-electric | ecostruxure_power_monitoring_expert | 2020 | Yes |
| Application | schneider-electric | ecostruxure_power_monitoring_expert | 2020 | Yes |
| Application | schneider-electric | ecostruxure_power_monitoring_expert | 2020 | Yes |
| Application | schneider-electric | ecostruxure_power_monitoring_expert | 2021 | Yes |
| Application | schneider-electric | ecostruxure_power_monitoring_expert | 2021 | Yes |