Vulnerabilities > Advantech > Advantech Webaccess > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-02-21 | CVE-2012-0235 | Cross-Site Request Forgery (CSRF) vulnerability in Advantech Webaccess 5.0/6.0 Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.0 |
| 2012-02-21 | CVE-2012-0233 | Cross-Site Scripting vulnerability in Advantech Webaccess 5.0/6.0 Cross-site scripting (XSS) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via a malformed URL. | 4.3 |
| 2012-02-21 | CVE-2011-4523 | Cross-Site Scripting vulnerability in Advantech Webaccess 5.0/6.0 Cross-site scripting (XSS) vulnerability in bwview.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |
| 2012-02-21 | CVE-2011-4522 | Cross-Site Scripting vulnerability in Advantech Webaccess 5.0/6.0 Cross-site scripting (XSS) vulnerability in bwerrdn.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |