CVE-2018-7795: XSS
First published: Wed Aug 29 2018(Updated: )
A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric Powerlogic Pm5560 Firmware | <2.5.4 | |
| Schneider-electric Powerlogic Pm5560 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/schneider-electric
- canonical/schneider-electric powerlogic pm5560 firmware
- canonical/schneider-electric powerlogic pm5560