Vulnerabilities > Danfoss > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-11 CVE-2023-22582 Cross-site Scripting vulnerability in Danfoss Ak-Em100 Firmware
The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting.
network
low complexity
danfoss CWE-79
6.1
6.1
2023-06-11 CVE-2023-22585 Cross-site Scripting vulnerability in Danfoss Ak-Em100 Firmware
The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter.
network
low complexity
danfoss CWE-79
6.1
6.1
2023-06-11 CVE-2023-25912 Information Exposure vulnerability in Danfoss Ak-Em100 Firmware
The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values.
network
low complexity
danfoss CWE-200
5.3
5.3