3 matches found
Schneider Electric Modicon Cross-site Scripting (CVE-2018-7831)
An Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to send a specially crafted URL to a currently authenticated web server user to execute a...
CVE-2018-7831
An Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to send a specially crafted URL to a currently authenticated web server user to execute a...
CVE-2018-7831
This entry documents CVE-2018-7831, affecting Schneider Electric Modicon embedded web servers in M340, Premium, Quantum PLCs and BMXNOR0200. The vulnerability is an improper neutralization of script-related HTML tags (Basic XSS) that can be exploited by sending a specially crafted URL to a curren...