PT-2019-12263 · Carel · Pcoweb

Published

2019-06-03

Updated

2019-06-04

CVE-2019-11370

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Carel pCOWeb versions prior to B1.2.4

Description A Stored XSS issue was found, as shown by the config/pw snmp.html "System contact" field.

Recommendations For versions prior to B1.2.4, update to version B1.2.4 or later to resolve the issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2019-11370

Pcoweb