Vulnerability Details CVE-2018-7834
A CWE-79 Cross-Site Scripting vulnerability exists in all versions of the TSXETG100 allowing an attacker to send a specially crafted URL with an embedded script to a user that would then be executed within the context of that user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-7834
-
cpe:2.3:h:schneider-electric:tsxetg100:-
-
cpe:2.3:o:schneider-electric:tsxetg100_firmware:-