3 matches found
Cross site scripting
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC. Affected Products: 1-Phase Uninterruptible Power...
CVE-2021-22813
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit policy file. Affected Products:...
PT-2022-9285 · Apc · Apc Rack Power Distribution Units +19
Name of the Vulnerable Software and Affected Versions: APC Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 NMC2 versions 6.9.8 and earlier APC Symmetra PX 250/500 SYPX Network Management Card 2 NMC2 versions 6.9.6 and earlier APC Symmetra PX 48/96/100/160 kW UPS PX2, Symmetra ...