CVE-2023-5987
published 2023-11-15CVE-2023-5987: A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability that could cause a vulnerability leading to a cross…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)
vulnerability that could cause a vulnerability leading to a cross site scripting condition where
attackers can have a victim’s browser run arbitrary JavaScript when they visit a page containing
the injected payload.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | ecostruxure_power_monitoring_expert | — | — |
| schneider-electric | ecostruxure_power_monitoring_expert | — | — |
| schneider_electric | ecostruxure_power_monitoring_expert | — | — |
| schneider_electric | ecostruxure_power_monitoring_expert | — | — |
| schneider_electric | ecostruxure_power_operation_advanced_reporting_and_dashboards_module | — | — |
| schneider_electric | ecostruxure_power_operation_advanced_reporting_and_dashboards_module | — | — |
| schneider_electric | ecostruxure_power_scada_operation_advanced_reporting_and_dashboards_module | — | — |