Vulnerabilities > Openplcproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-28 CVE-2024-37741 Cross-site Scripting vulnerability in Openplcproject Openplc V3 Firmware
OpenPLC 3 through 9cd8f1b allows XSS via an SVG document as a profile picture.
network
low complexity
openplcproject CWE-79
5.4
5.4
2021-08-02 CVE-2021-3351 Cross-site Scripting vulnerability in Openplcproject Openplc
OpenPLC runtime V3 through 2016-03-14 allows stored XSS via the Device Name to the web server's Add New Device page.
network
low complexity
openplcproject CWE-79
5.4
5.4
2021-06-11 CVE-2021-26829 Cross-site Scripting vulnerability in Openplcproject Scadabr
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.
network
low complexity
openplcproject CWE-79
5.4
5.4