CVE-2024-6528
CVE-2024-6528
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.4EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
11 jul 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site
Scripting') vulnerability exists that could cause a vulnerability leading to a cross-site scripting
condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a
page containing the injected payload.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Productos afectados
Schneider Electric · Modicon Controllers M241 / M251Schneider Electric · Modicon Controllers M258 / LMC058Schneider Electric · Modicon Controllers M262¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →