Cross site scripting

2023-10-0913:15:00

PRIOn knowledge base

www.prio-n.com

remote execution

input neutralization

cross-site scripting

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.1%

JSON

Improper Neutralization of Input During Web Page Generation (’Cross-site Scripting’) in RDT400 in SICK APU allows an unprivileged remote attacker to run arbitrary code in the clients
browser via injecting code into the website.

CPENameOperatorVersion
apu0200_firmwarelt4.0.0.6

CPE	Name	Operator	Version
	apu0200_firmware	lt	4.0.0.6

References

sick.com/.well-known/csaf/white/2023/sca-2023-0010.json

sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf

sick.com/psirt