CVE-2018-18997
N/A
N/A
Summary
Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visitor browser.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | ABB GATE-E1 and GATE-E2 | All versions | affected |
Weaknesses
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-Site Scripting') CWE-79
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.