mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
1.1 KiB
1.1 KiB
CVE-2018-7810
&color=brighgreen)
Description
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to craft a URL containing JavaScript that will be executed within the user's browser, potentially impacting the machine the browser is running on.
POC
Reference
- https://www.tenable.com/security/research/tra-2018-38
- https://www.tenable.com/security/research/tra-2018-38
Github
No PoCs found on GitHub currently.