Lucene search
PRIOn knowledge basePRION:CVE-2023-28648HistoryMar 28, 2023 - 9:15 p.m.
Design/Logic Flaw
2023-03-2821:15:00
PRIOn knowledge base
www.prio-n.com
6
osprey pump controller
version 1.01
get parameter
input vulnerability
arbitrary code execution
html
js
browser session
affected site
Osprey Pump Controller version 1.01 inputs passed to a GET parameter are not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user’s browser session in context of an affected site.
| CPE | Name | Operator | Version |
|---|---|---|---|
| osprey_pump_controller_firmware | eq | 1.01 |
Related
nvd
nvd
CVE-2023-28648
2023-03-28 21:15:11
zeroscience
zeroscience
Osprey Pump Controller 1.0.1 Unauthenticated Reflected XSS
2023-02-27 00:00:00
cve
cve
CVE-2023-28648
2023-03-28 21:15:11
cvelist
cvelist
CVE-2023-28648 CVE-2023-28648
2023-03-28 20:06:56
ics
ics
ProPump and Controls Osprey Pump Controller (Update A)
2024-02-08 12:00:00