Vulnerabilities > Johnsoncontrols > Exacqvision WEB Service > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-01 CVE-2024-32931 Unspecified vulnerability in Johnsoncontrols Exacqvision web Service 20.06.11.0/20.06.3.0/21.03
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.
network
low complexity
johnsoncontrols
5.7
2021-06-24 CVE-2021-27659 Cross-site Scripting vulnerability in Johnsoncontrols Exacqvision web Service 20.06.11.0/20.06.3.0/21.03
exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
network
low complexity
johnsoncontrols CWE-79
6.1