Vulnerability Details CVE-2022-29732
Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to contain a cross-site scripting (XSS) vulnerability via the Username parameter. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2022-29732
-
cpe:2.3:h:deltacontrols:entelitouch:-
-
cpe:2.3:o:deltacontrols:entelitouch_firmware:3.33.4005
-
cpe:2.3:o:deltacontrols:entelitouch_firmware:3.40.3706
-
cpe:2.3:o:deltacontrols:entelitouch_firmware:3.40.3935