Vulnerabilities > Wago > 751 9301 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-27 CVE-2022-45137 Cross-site Scripting vulnerability in Wago products
The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser.
network
low complexity
wago CWE-79
6.1
2023-02-27 CVE-2022-45139 Origin Validation Error vulnerability in Wago products
A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver.
network
low complexity
wago CWE-346
5.3
2022-03-09 CVE-2022-22511 Cross-site Scripting vulnerability in Wago products
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks.
network
low complexity
wago CWE-79
5.4