Vulnerabilities > Xarrow

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-16	CVE-2021-33001	Cross-site Scripting vulnerability in Xarrow 7.2 xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter ‘bdate’ of the resource xhisvalue.htm, which may allow an unauthorized attacker to execute arbitrary code. network low complexity xarrow CWE-79	6.1
2022-05-16	CVE-2021-33021	Cross-site Scripting vulnerability in Xarrow 7.2 xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter ‘edate’ of the resource xhisalarm.htm, which may allow an unauthorized attacker to execute arbitrary code. network low complexity xarrow CWE-79	6.1
2022-05-16	CVE-2021-33025	Improper Input Validation vulnerability in Xarrow 7.2 xArrow SCADA versions 7.2 and prior permits unvalidated registry keys to be run with application-level privileges. local low complexity xarrow CWE-20	7.8

Vulnerabilities > Xarrow {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Xarrow"}]}