cbcvebase.
CVE-2022-43376
published 2023-04-18

CVE-2022-43376: A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause code and session…

medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)

Affected

6 ranges
VendorProductVersion rangeFixed in
schneider-electricnetbotz_355_firmware4.0.0 – 4.7.0
schneider-electricnetbotz_450_firmware4.0.0 – 4.7.0
schneider-electricnetbotz_455_firmware4.0.0 – 4.7.0
schneider-electricnetbotz_550_firmware4.0.0 – 4.7.0
schneider-electricnetbotz_570_firmware4.0.0 – 4.7.0
schneider_electricnetbotz_4_355_450_455_550_570