VYPR

WIN-PAK

by Honeywell

CVEs (3)

  • CVE-2020-6978Mar 24, 2020
    risk 0.00cvss epss 0.01

    In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries.

  • CVE-2020-6982Mar 24, 2020
    risk 0.00cvss epss 0.01

    In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution.

  • CVE-2020-7005Mar 24, 2020
    risk 0.00cvss epss 0.01

    In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code.