Vulnerabilities > BR Automation > Automation Runtime > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2023-6028 Cross-site Scripting vulnerability in Br-Automation Automation Runtime
A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System Diagnostics Manager of B&R Automation Runtime versions <= G4.93 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session.
network
low complexity
br-automation CWE-79
6.1
6.1
2023-07-26 CVE-2023-3242 Unspecified vulnerability in Br-Automation Automation Runtime
Improper initialization implementation in Portmapper used in B&R Industrial Automation Automation Runtime <G4.93 allows unauthenticated network-based attackers to cause permanent denial-of-service conditions.
network
high complexity
br-automation
5.9
5.9
2023-02-14 CVE-2022-4286 Cross-site Scripting vulnerability in Br-Automation Automation Runtime
A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions >=3.00 and <=C4.93 that enables a remote attacker to execute arbitrary JavaScript in the context of the users browser session.
network
low complexity
br-automation CWE-79
6.1
6.1