Unrated severityNVD Advisory· Published Feb 5, 2024· Updated Aug 2, 2024
SDM Web interface vulnerable to XSS
CVE-2023-6028
Description
A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System Diagnostics Manager of B&R Automation Runtime versions <= G4.93 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session.
Affected products
2<=G4.93+ 1 more
- (no CPE)range: <=G4.93
- (no CPE)range: 14.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.