An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. The homeLYnk controller is susceptible to a cross-site scripting attack. User inputs can be manipulated to cause execution of JavaScript code.
6.1CVSS
5.9AI Score
0.001EPSS
A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.
9.8CVSS
9.6AI Score
0.004EPSS