Vulnerability Details CVE-2018-7770
The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2018-7770
-
cpe:2.3:a:schneider-electric:u.motion:*