Vulnerabilities > Johnsoncontrols > Exacqvision WEB Service > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-01 | CVE-2024-32931 | Unspecified vulnerability in Johnsoncontrols Exacqvision web Service 20.06.11.0/20.06.3.0/21.03 Under certain circumstances the exacqVision Web Service can expose authentication token details within communications. | 5.7 |
2021-06-24 | CVE-2021-27659 | Cross-site Scripting vulnerability in Johnsoncontrols Exacqvision web Service 20.06.11.0/20.06.3.0/21.03 exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users. | 6.1 |