2 results (0.009 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. Vulnerabilidad de Cross-Site Scripting (XSS) en Softing smartLink SW-HT anterior a la 1.30, que permite a un atacante ejecutar un script dinámico (JavaScript, VBScript) en el contexto de la aplicación. • https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.html https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.json • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). Los cifrados débiles en Softing smartLink SW-HT anteriores a la 1.30 se habilitan durante la comunicación segura (SSL). • https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.html https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.json • CWE-326: Inadequate Encryption Strength •