CVE-2018-7786
Schneider Electric U.motion Builder prior to v1.3.4 contains a Cross-Site Scripting (XSS) vulnerability in HTTP GET handling (context parameter) that could allow injection of malicious scripts. CVSS v3 base 6.1 (Network, low access complexity, user interaction required). Remediation: upgrade to f...