Security
Headlines
HeadlinesLatestCVEs

Headline

Real Time Automation 460MCBS 5.2.14 Cross Site Scripting

Real Time Automation 460MCBS version 5.2.14 suffers from a cross site scripting vulnerability.

Packet Storm
#xss#vulnerability#java#auth
Exploit Title:  Real Time Automation 460MCBS Cross Site Scripting (XSS)Date: 2023-03-09Exploit Author: Yehia ElghalyVendor Homepage: https://www.rtautomation.com/Software Link: https://www.rtautomation.com/product/460mcbs/Version: Revision 5.2.14Tested on: Real Time Automation CVE: N/ASummary: The Real Time Automation  460MCBS moves data between up to 32 Modbus TCP Servers and a BACnet/IP Building Automation System (BAS). It’s a perfect tool to tie Modbus TCP power meters, boilers, chillers and other devices into your BACnet/IP Building Automation SystemDescription: The attacker can able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.: XSS found on when insert a payload after(/)Payload: ?c12yy<script>alert('XSSYF')</script>p1ax8=1[Affected Component](/)

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution