Vulnerability Details CVE-2023-2266
An Improper neutralization of input during web page generation in the Schweitzer Engineering Laboratories SEL-411L could allow an attacker to generate cross-site scripting based attacks against an authorized and authenticated user.
See product Instruction Manual Appendix A dated 20230830 for more details.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.1%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2023-2266
-
cpe:2.3:h:selinc:sel-411l:-
-
cpe:2.3:o:selinc:sel-411l_firmware:r118-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r119-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r120-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r121-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r122-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r123-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r124-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r125-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r126-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r127-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r128-v0
-
cpe:2.3:o:selinc:sel-411l_firmware:r129-v0