CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-48192 – Cross-site scripting vulnerability in Softing smartLink SW-HT
https://notcve.org/view.php?id=CVE-2022-48192
Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. Vulnerabilidad de Cross-Site Scripting (XSS) en Softing smartLink SW-HT anterior a la 1.30, que permite a un atacante ejecutar un script dinámico (JavaScript, VBScript) en el contexto de la aplicación. • https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.html https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.json • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-48193 – Weak ciphers vulnerability in Softing smartLink SW-HT
https://notcve.org/view.php?id=CVE-2022-48193
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). Los cifrados débiles en Softing smartLink SW-HT anteriores a la 1.30 se habilitan durante la comunicación segura (SSL). • https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.html https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-11.json • CWE-326: Inadequate Encryption Strength •