RLE Protocol Converter FDS-PC and FDS-PC-DP Web Server Cross-Site Scripting Vulnerability

RLE Protocol Converter FDS-PC and FDS-PC-DP are protocol converters. web server is one of the web servers. A cross-site scripting vulnerability exists in the web server in RLE Protocol Converter FDS-PC and FDS-PC-DP version 2.1. A remote attacker can exploit this vulnerability to inject malicious...

CVE-2018-7278

An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...

CVE-2018-7278

The CVE-2018-7278 entry affects RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. The vulnerability is a persistent XSS in the web server, exploitable by remote attackers through the device’s BACnet implementation to inject arbitrary JavaScript. This is described across multiple sources (NVD...