An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to craft a URL containing JavaScript that will be executed within the user's browser, potentially impacting the machine the browser is running on.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published:

Updated: 2024-08-05T06:37:59.377Z

Reserved: 2018-03-08T00:00:00

Link: CVE-2018-7810

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-11-30T19:29:00.470

Modified: 2024-11-21T04:12:46.470

Link: CVE-2018-7810

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.