Vulnerabilities > Scadabr
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-14 | CVE-2019-16344 | Cross-site Scripting vulnerability in Scadabr 1.0Ce A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inject arbitrary web script or HTML via the username or password parameter. | 6.1 |
2019-09-15 | CVE-2019-16321 | Cross-site Scripting vulnerability in Scadabr 1.0Ce/1.1.0 ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/ PATH_INFO. | 6.1 |