CVE-2023-22585 - Reflected Cross-Site Scripting in Danfoss AK-EM 100
CVE | CVE-2023-22585 | |||||||||||
Discovered by |
|
|||||||||||
Credits |
|
|||||||||||
Affected products |
|
|||||||||||
Page author | Max van der Horst | |||||||||||
CVSS |
Base score:
9
(CRITICAL) |
|||||||||||
References |
|
|||||||||||
Problem type(s) | CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||||||||
Last modified | 25 May 2023 17:55 |
Description
The Danfoss AK-EM 100 web applications allow for Reflected Cross-Site Scripting in the title parameter.
JSON version