Vulnerabilities > Honeywell > WIN PAK > 4.7.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-24 | CVE-2020-6982 | Injection vulnerability in Honeywell Win-Pak 4.7.2 In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution. | 5.8 |
| 2020-03-24 | CVE-2020-6978 | Unspecified vulnerability in Honeywell Win-Pak 4.7.2 In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries. | 6.4 |
| 2020-03-24 | CVE-2020-7005 | Cross-Site Request Forgery (CSRF) vulnerability in Honeywell Win-Pak 4.7.2 In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code. | 6.8 |