Back to search
CVE-2018-7795
Published: Aug 29, 2018
Modified: May 29, 2026
PUBLISHED
Description
A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code.
| Vendor | Product | Versions |
|---|---|---|
Schneider Electric SE | PowerLogic - PM5560 prior to FW version 2.5.4 | affected PowerLogic - PM5560 prior to FW version 2.5.4 |
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-228-01/
x_refsource_CONFIRM
105170
vdb-entry
x_refsource_BID
https://ics-cert.us-cert.gov/advisories/ICSA-18-240-03
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now