CVE-2019-11370

Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" field.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:carel:pcoweb_card_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:carel:pcoweb_card:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-06-03 20:29

Updated : 2023-12-10 12:59


NVD link : CVE-2019-11370

Mitre link : CVE-2019-11370

CVE.ORG link : CVE-2019-11370


JSON object : View

Products Affected

carel

  • pcoweb_card_firmware
  • pcoweb_card
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')