CVE Catalog

CVE-2023-45795

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Summary

A cross-site scripting vulnerability in the Builder Component of Pilz PASvisu before version 1.14.1 allows a local unauthenticated attacker to inject malicious JavaScript and gain full control over the device.

Risk Assessment

This vulnerability poses a serious security risk to devices, allowing attackers to take control of the system.

Recommendation

It is recommended to update Pilz PASvisu to version 1.14.1 or later to mitigate this vulnerability.

Original NVD description (English source)

A cross-site scripting vulnerability in the Builder Component of Pilz PASvisu before 1.14.1 allows a local unauthenticated attacker to inject malicious javascript and gain full control over the device.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS