3 matches found
Westermo Lynx 206-F2G Improper Neutralization of Input During Web Page Generation (CVE-2023-45222)
An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the 'autorefresh' parameter. This plugin only works with Tenable.ot. Please visit...
CVE-2023-45222
CVE-2023-45222 affects the Westermo Lynx 206-F2G web interface (WeOS) where an attacker with access to the web app can inject arbitrary JavaScript via the autorefresh parameter (Cross-Site Scripting, CWE-79). Public disclosures (NVD/NIST, Tenable OT plugin, CNVD, PRION, CVE list) describe identic...
CVE-2023-45222 Westermo Lynx Cross-site Scripting
An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "autorefresh" parameter...