Published: 23/03/2020 Updated: 24/03/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to Andover Continuum 9680 Firmware

A CWE-79:Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists Andover Continuum (All versions), which could enable a successful Cross-site Scripting (XSS attack) when using the products' web server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
schneider-electric andover_continuum_9680_firmware
schneider-electric andover_continuum_5740_firmware
schneider-electric andover_continuum_5720_firmware
schneider-electric andover_continuum_bcx4040_firmware
schneider-electric andover_continuum_bcx9640_firmware
schneider-electric andover_continuum_9900_firmware
schneider-electric andover_continuum_9940_firmware
schneider-electric andover_continuum_9941_firmware
schneider-electric andover_continuum_9924_firmware
schneider-electric andover_continuum_9702_firmware
schneider-electric andover_continuum_9200_firmware

CWE-79 https://www.se.com/ww/en/download/document/SEVD-2020-070-04/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-7481

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect