5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.4%
The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The ‘css’ parameter contains a directory traversal vulnerability.
www.schneider-electric.com/en/download/document/SEVD-2018-095-01/