Reflected Cross-Site Scripting Vulnerability in Schneider Electric Modicon BMX PLCs

Reflected Cross-Site Scripting Vulnerability in Schneider Electric Modicon BMX PLCs

CVE-2015-6462 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser.

Learn more about our Web Application Penetration Testing UK.