Unrated severityNVD Advisory· Published Sep 18, 2023· Updated Aug 2, 2024

Socomec MOD3GP-SY-120K Cross-site Scripting

CVE-2023-38255

Description

A potential attacker with or without (cookie theft) access to the device would be able to include malicious code (XSS) when uploading new device configuration that could affect the intended function of the device.

Affected products

Socomec/Modulys Gp (mod3gp Sy 120k)v5
Range: v01.12.10

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisa.gov/news-events/ics-advisories/icsa-23-250-03mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000