Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visitor browser.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2019-01-03T22:00:00

Updated: 2024-08-05T11:23:08.565Z

Reserved: 2018-11-06T00:00:00

Link: CVE-2018-18997

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-01-03T22:29:00.293

Modified: 2019-10-09T23:37:33.037

Link: CVE-2018-18997

cve-icon Redhat

No data.