CVE-2018-7786

EPSS 0.8%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

03 Jul 2018Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

In Schneider Electric U.motion Builder software versions prior to v1.3.4, a cross site scripting (XSS) vulnerability exists which could allow injection of malicious scripts.

Affected products

Schneider Electric SE · U.motion Builder

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.schneider-electric.com/en/download/document/SEVD-2018-151-01/http://www.securityfocus.com/bid/104447