CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
17.3%
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site
Scripting’) vulnerability exists that could cause a vulnerability leading to a cross-site scripting
condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a
page containing the injected payload.
Vendor | Product | Version | CPE |
---|---|---|---|
schneider-electric | modicon_m241_firmware | * | cpe:2.3:o:schneider-electric:modicon_m241_firmware:*:*:*:*:*:*:*:* |
schneider-electric | modicon_m241 | - | cpe:2.3:h:schneider-electric:modicon_m241:-:*:*:*:*:*:*:* |
schneider-electric | modicon_m251_firmware | * | cpe:2.3:o:schneider-electric:modicon_m251_firmware:*:*:*:*:*:*:*:* |
schneider-electric | modicon_m251 | - | cpe:2.3:h:schneider-electric:modicon_m251:-:*:*:*:*:*:*:* |
schneider-electric | modicon_m258_firmware | * | cpe:2.3:o:schneider-electric:modicon_m258_firmware:*:*:*:*:*:*:*:* |
schneider-electric | modicon_m258 | - | cpe:2.3:h:schneider-electric:modicon_m258:-:*:*:*:*:*:*:* |
schneider-electric | modicon_m262_firmware | * | cpe:2.3:o:schneider-electric:modicon_m262_firmware:*:*:*:*:*:*:*:* |
schneider-electric | modicon_m262 | - | cpe:2.3:h:schneider-electric:modicon_m262:-:*:*:*:*:*:*:* |
schneider-electric | modicon_lmc058_firmware | * | cpe:2.3:o:schneider-electric:modicon_lmc058_firmware:*:*:*:*:*:*:*:* |
schneider-electric | modicon_lmc058 | - | cpe:2.3:h:schneider-electric:modicon_lmc058:-:*:*:*:*:*:*:* |