CVE-2023-2266
4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Summary
An Improper neutralization of input during web page generation in the Schweitzer Engineering Laboratories SEL-411L could allow an attacker to generate cross-site scripting based attacks against an authorized and authenticated user.
See product Instruction Manual Appendix A dated 20230830 for more details.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schweitzer Engineering Laboratories | SEL-411L | R118-V0 < R118-V4 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R119-V0 < R119-V5 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R120-V0 < R120-V6 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R121-V0 < R121-V3 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R122-V0 < R122-V3 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R123-V0 < R123-V3 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R124-V0 < R124-V3 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R125-V0 < R125-V3 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R126-V0 < R126-V4 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R127-V0 < R127-V2 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R128-V0 < R128-V1 | affected |
| Schweitzer Engineering Laboratories | SEL-411L | R129-V0 < R129-V1 | affected |
Weaknesses
- CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.