3 matches found
CVE-2017-5157
An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. The homeLYnk controller is susceptible to a cross-site scripting attack. User inputs can be manipulated to cause execution of JavaScript code...
CVE-2017-5157
CVE-2017-5157 affects Schneider Electric homeLYnk Controller (LSS100100) prior to v1.5.0. It is a cross-site scripting vulnerability where attacker-supplied input can execute JavaScript in a user’s browser. ICS-CERT advisory ICSA-17-019-01A notes CVSS v3.0 base score 6.3 and provides mitigations ...
Schneider Electric homeLYnk Controller (Update A)
CVSS V3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Schneider Electric Equipment: homeLYnk Controller, LSS100100 Vulnerability: Cross-site Scripting, Command Injection UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-019-01...