4 matches found
PTC ThingWorx Password Disclosure / Cross Site Scripting Vulnerabilities
PTC ThingWorx suffers from cross site scripting and password disclosure vulnerabilities. Versions affected include 6.5 through 7.4, 8.0.x, 8.1.x, and 8.2.x. ======================================================================= title: Password disclosure vulnerability & XSS product: PTC ThingWor...
CVE-2018-17218
An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is reflected XSS in the SQUEAL search function...
CVE-2018-17218
PTC ThingWorx Platform versions 6.5–8.2 have a reflected XSS in the SQUEAL search function. A remote attacker can exploit via a specially crafted URL to execute script in a user’s browser. Affected component: SQUEAL search; vulnerability type: cross-site scripting. No remediation details are prov...
CVE-2018-17218
An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is reflected XSS in the SQUEAL search function...