Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things.
Max CVSS
5.4
EPSS Score
0.33%
Published
2018-10-31
Updated
2018-12-12
Advantech WebAccess 8.3.2 and below is vulnerable to multiple reflected cross site scripting vulnerabilities. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim to supply malicious HTML or JavaScript code to WebAccess, which is then reflected back to the victim and executed by the web browser.
Max CVSS
6.1
EPSS Score
0.41%
Published
2018-10-22
Updated
2018-12-03
2 vulnerabilities found