CVE-2024-13958

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.2%

top 63.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ABB Aspect-enterprise ABB Matrix Series ABB Nexus Series

Timeline

PublishedMay 22

Description

Stored Cross Site Scripting vulnerabilities exist in ASPECT if administrator creden-tials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Affected Packages3 packages

▶CVEListV5abb/nexus_series3.*

▶CVEListV5abb/matrix_series3.*

▶CVEListV5abb/aspect-enterprise3.*

🔴Vulnerability Details

CVEList

Stored Cross Site Scripting↗2025-05-22

▶

GHSA

GHSA-9h69-wwg8-442f: Stored Cross Site Scripting vulnerabilities exist in ASPECT if administrator creden-tials become compromisedThis issue affects ASPECT-Enterprise: thro↗2025-05-22

▶