CVE-2016-5811

medium

Description

An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING).

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-348-01

http://www.securityfocus.com/bid/94894

Details

Source: Mitre, NVD

Published: 2017-02-13

Updated: 2021-09-09

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium