2 matches found
PTC ThingWorx Password Disclosure / Cross Site Scripting Vulnerabilities
PTC ThingWorx suffers from cross site scripting and password disclosure vulnerabilities. Versions affected include 6.5 through 7.4, 8.0.x, 8.1.x, and 8.2.x. ======================================================================= title: Password disclosure vulnerability & XSS product: PTC ThingWor...
CVE-2018-17217
PTC ThingWorx Platform versions 6.5 through 8.2 are affected by CVE-2018-17217 due to a hardcoded encryption key. This root cause enables potential exposure of sensitive data, with NVD listing CVSSv3 base score 7.5 (HIGH) and network vector. No remediation or exploit details are provided in the c...