Diaenergie Security Vulnerabilities and Issues — Diaenergie CVE List

Lucene search

DeltawwDiaenergie

4 matches found

CVE•added 2021/12/22 7:15 p.m.•48 views

CVE-2021-23228

DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected cross-site scripting attack through error pages that are returned by “.NET Request.QueryString”.

7.5CVSS6.3AI score0.00156EPSS

CVE•added 2021/12/22 7:15 p.m.•44 views

CVE-2021-44471

DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthenticated user injects arbitrary code into the parameter “name” of the script “DIAE_HandlerAlarmGroup.ashx”.

7.5CVSS6.6AI score0.0044EPSS

CVE•added 2021/12/22 7:15 p.m.•36 views

CVE-2021-44544

DIAEnergie Version 1.7.5 and prior is vulnerable to multiple cross-site scripting vulnerabilities when arbitrary code is injected into the parameter “name” of the script “HandlerEnergyType.ashx”.

7.5CVSS6.8AI score0.00209EPSS

CVE•added 2021/12/22 7:15 p.m.•34 views

CVE-2021-31558

DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthenticated user injects arbitrary code into the parameter “descr” of the script “DIAE_hierarchyHandler.ashx”.

6.5CVSS6.6AI score0.00883EPSS