Vulnerabilities > Phoenixcontact > Cloud Client 1101T TX Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-3526 Cross-site Scripting vulnerability in Phoenixcontact products
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser.
network
low complexity
phoenixcontact CWE-79
critical
9.6