CyberSec.Space Logo
Back to CVE Browser

CVE-2019-16321

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.0090%
EPSS Percentile39.97th
PublishedSep 15, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/ PATH_INFO.

Affected Platforms (CPE)

📦
Scadabr

Scadabr

= 1.0ce
📦
Scadabr

Scadabr

= 1.1.0

References & Advisories

🔗 https://misteralfa-hack.blogspot.com/2019/09/scadabr-scada-vulnerable-xss.html
🔗 https://misteralfa-hack.blogspot.com/2019/09/scadabr-scada-vulnerable-xss.html

Related Vulnerabilities

CVE-2021-268288.8

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbit...

CVE-2019-163446.1

A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inj...

CVE-2021-268295.4

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...