Vulnerabilities > Schneider Electric > Andover Continuum 9924 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-23 | CVE-2020-7482 | Cross-site Scripting vulnerability in Schneider-Electric products A CWE-79:Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists Andover Continuum (All versions), which could cause a Reflective Cross-site Scripting (XSS attack) when using the products' web server. | 4.3 |
| 2020-03-23 | CVE-2020-7481 | Cross-site Scripting vulnerability in Schneider-Electric products A CWE-79:Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists Andover Continuum (All versions), which could enable a successful Cross-site Scripting (XSS attack) when using the products' web server. | 4.3 |
| 2019-11-20 | CVE-2019-6853 | Cross-site Scripting vulnerability in Schneider-Electric products A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server. | 4.3 |