Advisories | CERT@VDE

2025-05-06 10:00 VDE-2025-032

Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting

Multiple W&T Products are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via crafted payloads injected into several input fields of the configuration webpage.

weiter ...

CVE-2025-3020: 5.4

Feeds

RSS / Atom

Nach Hersteller

ADS-TEC Industrial IT (3)

Auma (4)

Beckhoff (14)

Bender (2)

CODESYS (18)

Endress+Hauser (12)

Festo (12)

Festo Didactic (7)

Frauscher (3)

Carlo Gavazzi Controls (1)

Helmholz (12)

HIMA (2)

ifm (3)

Innominate (2)

Lenze (3)

MB connect line (12)

Miele (4)

M&M Software (1)

Pepperl+Fuchs (32)

PHOENIX CONTACT (91)

Pilz (13)

Red Lion Europe (4)

SMA (4)

SWARCO (1)

TECSON/GOK (1)

TRUMPF SE (4)

TRUMPF Laser (8)

TRUMPF Werkzeugmaschinen (9)

VARTA Storage (1)

VMT (1)

WAGO (63)

Weidmueller (12)

Welotec (3)

Wiesemann & Theis (5)

Legende

(Scoring für CVSS 2.0,3.0+3.1)

keine

Kein CVE verfügbar

Niedrig

0.1 <= 3.9

Mittel

4.0 <= 6.9

Hoch

7.0 <= 8.9

Kritisch

9.0 <= 10.0

Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting

Feeds

Nach Hersteller

Archiv

2025

2024

2023

2022

2021

2020

2019

2018

2017

Legende