4 matches found
CVE-2023-38255
creationtimestamp| type| source ---|---|--- 2023-09-19 00:28:45+00:00| seen| https://t.me/cibsecurity/70675...
CVE-2023-38255 Socomec MOD3GP-SY-120K Cross-site Scripting
A potential attacker with or without cookie theft access to the device would be able to include malicious code XSS when uploading new device configuration that could affect the intended function of the device...
CVE-2023-38255 Socomec MOD3GP-SY-120K Cross-site Scripting
A potential attacker with or without cookie theft access to the device would be able to include malicious code XSS when uploading new device configuration that could affect the intended function of the device...
CVE-2023-38255
CVE-2023-38255 is an XSS vulnerability in the web interface of Socomec MODULYS GP (MOD3GP-SY-120K) with web firmware v01.12.10. The issue arises from improper handling during web page generation and input in the MAIL_RCV/notifications area, allowing an attacker to inject JavaScript when a legitim...