75 matches found
EUVD-2023-54378
Malicious code in bioql PyPI...
EUVD-2023-33815
Malicious code in bioql PyPI...
EUVD-2023-35469
Malicious code in bioql PyPI...
Schweitzer Engineering Laboratories多款产品 安全漏洞
Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software and more are products of Schweitzer Engineering Laboratories, Inc. of the U.S.A. Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software is a graphical, easy-to-use tool that helps users quickly and easily...
CVE-2023-4523
Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run any JavaScript reference from the URL string. If this were to occur, the gateway's HTTP interface would redirect to the main page, which is index.htm...
CVE-2023-4523
Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run any JavaScript reference from the URL string. If this were to occur, the gateway's HTTP interface would redirect to the main page, which is index.htm...
Cross site scripting
Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run any JavaScript reference from the URL string. If this were to occur, the gateway's HTTP interface would redirect to the main page, which is index.htm...
CVE-2023-4523 Real Time Automation 460 Series Cross-site Scripting
Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run any JavaScript reference from the URL string. If this were to occur, the gateway's HTTP interface would redirect to the main page, which is index.htm...
CVE-2023-4523 Real Time Automation 460 Series Cross-site Scripting
Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run any JavaScript reference from the URL string. If this were to occur, the gateway's HTTP interface would redirect to the main page, which is index.htm...
CVE-2023-4523
CVE-2023-4523 affects Real Time Automation 460 Series with versions before v8.9.8. The vulnerability is cross-site scripting via the URL string, enabling an attacker to execute JavaScript and causing the gateway’s HTTP interface to redirect to index.htm. According to NVD, CVSS v3.1 base score is ...
Real Time Automation Cross-Site Scripting Vulnerability
Real Time Automation 460 Series is a series of gateways from Real Time Automation, Inc. A cross-site scripting vulnerability exists in Real Time Automation 460 Series versions prior to v8.9.8 that stems from an improper neutralization of input during 1 web page generation, allowing an attacker to...
PT-2023-29465 · Real Time Automation · Real Time Automation 460 Series
Name of the Vulnerable Software and Affected Versions: Real Time Automation 460 Series products versions prior to 8.9.8 Description: The issue allows an attacker to run any JavaScript reference from the URL string, which could lead to a cross-site scripting attack. If this occurs, the gateway's...
Real Time Automation 460 Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Real Time Automation Equipment : 460MCBS Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
SEL RTAC Channel Accessible by Non-Endpoint (CVE-2023-2310)
A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller RTAC could allow a remote attacker to perform a man-in-the-middle MiTM that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction...
Schweitzer Engineering Laboratories RTAC Cross-site Scripting (CVE-2023-31164)
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2023-31161
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 f...
CVE-2023-31164
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2023-31165
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...
CVE-2023-31162
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to arbitrarily alter the content of a configuration file. See SEL Service Bulletin dated 2022-11-15 for more...
CVE-2023-31160
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...