Unrated severityNVD Advisory· Published Nov 15, 2023· Updated Dec 2, 2024
CVE-2023-5986
CVE-2023-5986
Description
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an openredirect vulnerability leading to a cross site scripting attack. By providing a URL-encoded input attackers can cause the software’s web application to redirect to the chosen domain after a successful login is performed.
Affected products
3- Range: Version 2020 CU2 and prior
- Schneider Electric/Ecostruxure™ Power Operation (epo) Advanced Reporting And Dashboards Modulecpe-rescue2 versions
Advanced Reporting and Dashboards Module 2021 prior to CU2 for EcoStruxure Power Operation 2021+ 1 more
- (no CPE)range: Advanced Reporting and Dashboards Module 2021 prior to CU2 for EcoStruxure Power Operation 2021
- (no CPE)range: EcoStruxure Power SCADA Operation (PSO) 2020 or 2020 R2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.