Vulnerability Details CVE-2022-3073
Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser environment. The affected script is '*-schema.js'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.5%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2022-3073
-
cpe:2.3:h:weidmueller:19_iot_md01_lan_h4_s0011:-
-
cpe:2.3:h:weidmueller:fp_iot_md01_4eu_s2_00000:-
-
cpe:2.3:h:weidmueller:fp_iot_md01_lan_s2_00000:-
-
cpe:2.3:h:weidmueller:fp_iot_md01_lan_s2_00011:-
-
cpe:2.3:h:weidmueller:fp_iot_md02_4eu_s3_00000:-
-
cpe:2.3:h:weidmueller:iot-gw30-4g-eu:-
-
cpe:2.3:h:weidmueller:iot-gw30:-
-
cpe:2.3:h:weidmueller:uc20-wl2000-ac:-
-
cpe:2.3:h:weidmueller:uc20-wl2000-iot:-
-
cpe:2.3:o:weidmueller:19_iot_md01_lan_h4_s0011_firmware:-
-
cpe:2.3:o:weidmueller:fp_iot_md01_4eu_s2_00000_firmware:-
-
cpe:2.3:o:weidmueller:fp_iot_md01_lan_s2_00000_firmware:-
-
cpe:2.3:o:weidmueller:fp_iot_md01_lan_s2_00011_firmware:-
-
cpe:2.3:o:weidmueller:fp_iot_md02_4eu_s3_00000_firmware:-
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.10.0
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.10.1
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.10.2
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.10.3
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.11.0
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.12.1
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.16.0
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.3.0
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.9.0
-
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:1.9.1
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.10.0
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.10.1
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.10.2
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.10.3
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.11.0
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.12.1
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.16.0
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.3.0
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.9.0
-
cpe:2.3:o:weidmueller:iot-gw30_firmware:1.9.1
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.10.0
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.10.1
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.10.2
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.10.3
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.11.0
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.12.1
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.16.0
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.3.0
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.3.1
-
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:1.9.1
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.10.0
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.10.1
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.10.2
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.10.3
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.11.0
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.12.1
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.16.0
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.3.0
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.3.1
-
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:1.9.1