2 matches found
CVE-2022-22732
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause all remote domains to access the resources data supplied by the server when an attacker sends a fetch request from third-party site or malicious site. Affected Products: EcoStruxure Power Commission Versions pri...
CVE-2022-22732
EcoStruxure Power Commission (Schneider Electric) versions prior to V2.22 are affected by CWE-668: Exposure of Resource to Wrong Sphere, which could allow remote domains to access server data via a fetch from a third-party or malicious site. The root cause is improper data sphere exposure, enabli...