Vulnerabilities > Softing > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-30 | CVE-2023-37571 | Cross-site Scripting vulnerability in Softing TH Scope 3.5 Softing TH SCOPE through 3.70 allows XSS. | 6.1 |
| 2023-11-06 | CVE-2022-48192 | Cross-site Scripting vulnerability in Softing Smartlink Sw-Ht Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. | 6.1 |
| 2022-08-17 | CVE-2022-2338 | Unspecified vulnerability in Softing products Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. high complexity softing | 5.3 |
| 2022-03-11 | CVE-2021-42262 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Softing products An issue was discovered in Softing OPC UA C++ SDK before 5.70. | 6.5 |
| 2021-04-02 | CVE-2021-29661 | Cross-site Scripting vulnerability in Softing OPC Toolbox 4.10.1.13035 Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. | 5.4 |