CVE-2023-2266

Summary

An Improper neutralization of input during web page generation in the Schweitzer Engineering Laboratories SEL-411L could allow an attacker to generate cross-site scripting based attacks against an authorized and authenticated user.

See product Instruction Manual Appendix A dated 20230830 for more details.

Affected Software

VendorProductVersion RangeStatus
Schweitzer Engineering LaboratoriesSEL-411LR118-V0 < R118-V4affected
Schweitzer Engineering LaboratoriesSEL-411LR119-V0 < R119-V5affected
Schweitzer Engineering LaboratoriesSEL-411LR120-V0 < R120-V6affected
Schweitzer Engineering LaboratoriesSEL-411LR121-V0 < R121-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR122-V0 < R122-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR123-V0 < R123-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR124-V0 < R124-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR125-V0 < R125-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR126-V0 < R126-V4affected
Schweitzer Engineering LaboratoriesSEL-411LR127-V0 < R127-V2affected
Schweitzer Engineering LaboratoriesSEL-411LR128-V0 < R128-V1affected
Schweitzer Engineering LaboratoriesSEL-411LR129-V0 < R129-V1affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

References