Schneider Electric PowerLogic PM5560 < 2.5.4 Cross Protocol Injection
Medium Nessus Network Monitor Plugin ID 720172
Schneider Electric PowerLogic PM5560 is vulnerable to the Cross Protocol Injection attack.
A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code.
Perform vendor recommended mitigations and apply available vendor upgrades.