PT-2017-13188 · Loytec · Loytec Lvis-3Me

Published

2017-10-05

Updated

2019-10-09

CVE-2017-13994

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions LOYTEC LVIS-3ME versions prior to 6.2.0

Description A Cross-site Scripting issue was discovered in the web interface, which lacks proper web request validation. This could allow XSS attacks to occur if an authenticated user is tricked into clicking a malicious link.

Recommendations For LOYTEC LVIS-3ME versions prior to 6.2.0, update to version 6.2.0 or later to resolve the issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2017-13994

Affected Products

Loytec Lvis-3Me

PT-2017-13188 · Loytec · Loytec Lvis-3Me

CVE-2017-13994

Weakness Enumeration

Related Identifiers

Affected Products

References · 4