MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2020-29027

CVSS 5.4v3.1pub. 2021-02-16upd. 2024-11-21

Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. This issue affects: Secomea SiteManager all versions prior to 9.3.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
  • Secomea Sitemanager 1129

    HW
    Secomea
    wszystkie wersje
  • Secomea Sitemanager 1129 Firmware

    OS
    Secomea
    < 9.2c
  • Secomea Sitemanager 1139

    HW
    Secomea
    wszystkie wersje
  • Secomea Sitemanager 1139 Firmware

    OS
    Secomea
    < 9.2c
  • Secomea Sitemanager 1149

    HW
    Secomea
    wszystkie wersje
  • Secomea Sitemanager 1149 Firmware

    OS
    Secomea
    < 9.2c
  • Secomea Sitemanager 3329

    HW
    Secomea
    wszystkie wersje
  • Secomea Sitemanager 3329 Firmware

    OS
    Secomea
    < 9.2c
  • Secomea Sitemanager 3339

    HW
    Secomea
    wszystkie wersje
  • Secomea Sitemanager 3339 Firmware

    OS
    Secomea
    < 9.2c
  • Secomea Sitemanager 3349

    HW
    Secomea
    wszystkie wersje
  • Secomea Sitemanager 3349 Firmware

    OS
    Secomea
    < 9.2c
  • Secomea Sitemanager 3529

    HW
    Secomea
    wszystkie wersje
  • Secomea Sitemanager 3529 Firmware

    OS
    Secomea
    < 9.2c
  • Secomea Sitemanager 3539

    HW
    Secomea
    wszystkie wersje
  • Secomea Sitemanager 3539 Firmware

    OS
    Secomea
    < 9.2c
  • Secomea Sitemanager 3549

    HW
    Secomea
    wszystkie wersje
  • Secomea Sitemanager 3549 Firmware

    OS
    Secomea
    < 9.2c
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2022-25784CRITICAL9.1ten sam produkt

Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. ...

CVE-2022-38124MEDIUM5.7ten sam produkt

Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manne...

CVE-2021-32010MEDIUM5.6ten sam produkt

Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may...

CVE-2022-25785MEDIUM6.6ten sam produkt

Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary cod...

CVE-2021-32005MEDIUM6.5ten sam produkt

Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store j...