Vulnerability Details CVE-2019-11370
Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.114
EPSS Ranking 93.2%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2019-11370
-
cpe:2.3:h:carel:pcoweb_card:-
-
cpe:2.3:o:carel:pcoweb_card_firmware:-
-
cpe:2.3:o:carel:pcoweb_card_firmware:a2.1.0
-
cpe:2.3:o:carel:pcoweb_card_firmware:b.2.1.0
-
cpe:2.3:o:carel:pcoweb_card_firmware:b1.2.1