0.001 Low
EPSS
Percentile
36.3%
A cross-site scripting (XSS) vulnerability in Rule Engine in ThingsBoard 3.3.1 allows remote attackers (with administrative access) to inject arbitrary JavaScript within the title of a rule node.
github.com/thingsboard/thingsboard
packetstormsecurity.com/files/167999/Thingsboard-3.3.1-Cross-Site-Scripting.html