Sploit.io - Search

Product: B&R Automation Runtime, version: >= >=3.00, <= C4.93

CVE-2022-4286

Severity: MEDIUM

Description: A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions >=3.00 and <=C4.93 that enables a remote attacker to execute arbitrary JavaScript in the context of the users browser session.

CVSS Score: 6.1

Affected Products:

B&R Industrial Automation B&R Automation Runtime - Versions: >=3.00

References:

https://www.br-automation.com/downloads_br_productcatalogue/assets/1675607299099-en-original-1.0.pdf