Vulnerability CVE-2023-28648
Published: 2023-03-28

Description:
Osprey Pump Controller version 1.01 inputs passed to a GET parameter are not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site.

 References:
https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-06
Copyright 2026, cxsecurity.com

 

Back to Top