Podatność CVE-2018-19615

Podatność CVE-2018-19615

Publikacja: 2018-12-26

Opis:

Typ:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
4.3/10	2.9/10	8.6/10

Affected software
Rockwellautomation -> Powermonitor 1000 firmware

http://packetstormsecurity.com/files/150600/Rockwell-Automation-Allen-Bradley-PowerMonitor-1000-XSS.html

http://www.securityfocus.com/bid/106333

http://www.securityfocus.com/bid/108538

https://ics-cert.us-cert.gov/advisories/ICSA-19-050-04

https://www.exploit-db.com/exploits/45928/