5 matches found
CVE-2026-12620
The CVE affects GridTime 3000 GNSS Time Server versions 1.0r0.03 through 1.1r0.0, where an access token is leaked in the URL parameters of certain endpoints. The issue is documented by NVD/CVE entries for CVE-2026-12620, with an attack surface described as NETWORK, requiring HIGH privileges and A...
CVE-2026-12622 Open Redirect Vulnerability in Password Reset Submission in GridTime™ 3000 GNSS Time Server
The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12619 GridTime™ 3000 GNSS Time Server CSRF to XSS
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting XSS. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12619
The CVE-2026-12619 entry concerns Microchip GridTime 3000 GNSS Time Server, where an improper neutralization during web page generation enables Cross-Site Scripting (XSS). A CSRF-to-XSS chain affects GridTime 3000 versions 1.0r0.03–1.1r0.0. Exploit maturity is listed as ATTACKED, indicating in-th...
PT-2026-50948
Name of the Vulnerable Software and Affected Versions GridTime 3000 versions 1.0r0.03 through 1.1r0.0 Description The GridTime 3000 GNSS Time Server contains an open redirect issue within the password change form submission. An open redirect occurs when an application takes a user-provided URL an...