Imran Jamadar

**Name of the Vulnerable Software and Affected Versions** Schweitzer Engineering Laboratories SEL-411L (affected versions not specified) **Description** The issue is related to an improper restriction of rendered UI layers or frames, which could allow an unauthenticated attacker to perform clickjacking-based attacks against an authenticated and authorized user. For more details, refer to the product Instruction Manual Appendix A dated 20230830. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Schweitzer Engineering Laboratories SEL-411L (affected versions not specified) **Description** The issue is related to improper neutralization of input during web page generation, which could allow an attacker to generate cross-site scripting based attacks against an authorized and authenticated user. For more details, refer to the product Instruction Manual Appendix A dated 20230830. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Schweitzer Engineering Laboratories SEL-411L (affected versions not specified) **Description** The issue is related to an Improper Input Validation vulnerability that could allow an attacker to perform reflection attacks against an authorized and authenticated user. This vulnerability may enable a remote attacker to disclose protected information. For more details, refer to the product Instruction Manual Appendix A dated 20230830. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.