HTML Injection (XSS) Vulnerability in Phoenix Contact FL MGUARD 1102 and 1105 Versions 1.4.0, 1.4.1, and 1.5.0

HTML Injection (XSS) Vulnerability in Phoenix Contact FL MGUARD 1102 and 1105 Versions 1.4.0, 1.4.1, and 1.5.0

CVE-2021-34582 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file.

Learn more about our Web App Pen Testing.