5 matches found
Schneider Electric PowerLogic PM5560 Improper Neutralization of Input During Web Page Generation (CVE-2018-7795)
A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic PM5560 prior to FW version 2.5.4 product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code. Th...
CVE-2018-7795
A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic PM5560 prior to FW version 2.5.4 product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code...
CVE-2018-7795
The CVE-2018-7795 entry corresponds to Schneider Electric PowerLogic PM5560 (all versions prior to firmware 2.5.4) with an vulnerability described as Improper Neutralization of Input During Web Page Generation (Cross-Site Scripting). The root cause is input handling in the web interface that allo...
CVE-2018-7795
A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic PM5560 prior to FW version 2.5.4 product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code...
Schneider Electric PowerLogic PM5560
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: PowerLogic PM5560 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow user input to be manipulated,...