Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visitor browser.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
ABB GATE-E1和GATE-E2 跨站脚本漏洞
Vulnerability Description
ABB GATE-E1和GATE-E2都是瑞士ABB公司的以太网网关设备。 ABB GATE-E1和GATE-E2(用在Pluto Safety PLC系统中)中存在跨站脚本漏洞。远程攻击者可借助管理web界面利用该漏洞将HTML/Javascript负载注入到任意的设备属性项中,进而在访客的浏览器中显示/执行该负载。
CVSS Information
N/A
Vulnerability Type
N/A