5.2 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
0.001 Low
EPSS
Percentile
23.0%
Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting. The vulnerability exists due to insufficient validation of user input and improper encoding of the output for certain resources within the IPP software.
[
{
"product": "Eaton Intelligent Power Protector (IPP)",
"vendor": "Eaton",
"versions": [
{
"lessThan": "1.69 release 166",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]