CVE-2024-23786

Name of the Vulnerable Software and Affected Versions SHARP Energy Management Controller with Cloud Services versions B0.1.9.1 and earlier

Description A cross-site scripting issue allows a network-adjacent unauthenticated attacker to execute an arbitrary script on the web browser of the user accessing the management page of the affected product.

Recommendations For versions B0.1.9.1 and earlier, update to a version later than B0.1.9.1 to resolve the issue. As a temporary workaround, consider restricting access to the management page of the affected product until a patch is available.