4 matches found
elo.gemfw-wennigsen.de Cross Site Scripting vulnerability OBB-3806848
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2014-2369
Cross-site request forgery CSRF vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...
CVE-2014-2369 Omron NS Series HMI Cross-Site Request Forgery
Cross-site request forgery CSRF vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...
CVE-2014-2369
Summary (CVE-2014-2369) CSRF vulnerability in Omron NS series HMI terminals (NS5/NS8/NS10/NS12/NS15; firmware 8.1xx–8.68x) could allow a remote authenticated attacker to hijack a victim’s session. Root cause: inadequate request verification in the web application (CWE-352). CVSSv2 base scores: NV...