Vulnerabilities > Honeywell > WIN PAK > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-24 | CVE-2020-6982 | Injection vulnerability in Honeywell Win-Pak 4.7.2 In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution. | 8.8 |
2020-03-24 | CVE-2020-6978 | Unspecified vulnerability in Honeywell Win-Pak 4.7.2 In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries. | 7.2 |
2020-03-24 | CVE-2020-7005 | Cross-Site Request Forgery (CSRF) vulnerability in Honeywell Win-Pak 4.7.2 In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code. | 8.8 |