Cross site scripting

2023-05-1511:15:00

PRIOn knowledge base

www.prio-n.com

cross site scripting

sensitive information

remote attacker

user credentials

local storage

nvd

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.6%

JSON

Cleartext Storage of Sensitive Information in SICK FTMg AIR FLOW SENSOR with
Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote
attacker to potentially steal user credentials that are stored in the user’s browsers local storage via
cross-site-scripting attacks.

CPENameOperatorVersion
ftmg-esd15axx_firmwarelt2.0
ftmg-esd20axx_firmwarelt2.0
ftmg-esd25axx_firmwarelt2.0
ftmg-esn40sxx_firmwarelt2.0
ftmg-esn50sxx_firmwarelt2.0
ftmg-esr40sxx_firmwarelt2.0
ftmg-esr50sxx_firmwarelt2.0

Name	Operator	Version
ftmg-esd15axx_firmware	lt	2.0
ftmg-esd20axx_firmware	lt	2.0
ftmg-esd25axx_firmware	lt	2.0
ftmg-esn40sxx_firmware	lt	2.0
ftmg-esn50sxx_firmware	lt	2.0
ftmg-esr40sxx_firmware	lt	2.0
ftmg-esr50sxx_firmware	lt	2.0