PIKO 1.5-1 MP plus HMI OEM

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2022-42974	Kostal PIKO 1.5-1 MP plus HMI OEM	Med	0.31	4.8	0.00		Jun 21, 2024	In Kostal PIKO 1.5-1 MP plus HMI OEM p 1.0.1, the web application for the Solar Panel is vulnerable to a Stored Cross-Site Scripting (XSS) attack on /file.bootloader.upload.html. The application fails to sanitize the parameter filename, in a POST request to…

CVE-2022-42974MedJun 21, 2024
Kostal
PIKO 1.5-1 MP plus HMI OEM
risk 0.31cvss 4.8epss 0.00
In Kostal PIKO 1.5-1 MP plus HMI OEM p 1.0.1, the web application for the Solar Panel is vulnerable to a Stored Cross-Site Scripting (XSS) attack on /file.bootloader.upload.html. The application fails to sanitize the parameter filename, in a POST request to…