HIGH✓ PATCH🇬🇧 English

CVE-2020-25158

CVSS 7.6v3.1pub. 2022-04-14upd. 2024-11-21

A reflected cross-site scripting (XSS) vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to inject arbitrary web script or HTML into various locations.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
  • Bbraun Datamodule Compactplus

    OS
    Bbraun
    a10a11
  • Bbraun Spacecom

    OS
    Bbraun
    ≤ l81
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2020-25150HIGH7.6ten sam produkt

A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Da...

CVE-2020-25162HIGH7.5ten sam produkt

A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Dat...

CVE-2020-25156HIGH7.2ten sam produkt

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versio...

CVE-2020-25166HIGH7.6ten sam produkt

An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG Space...

CVE-2020-25164MEDIUM6.5ten sam produkt

A vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compact...