CVE-2014-3110

Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to inject arbitrary web script or HTML via invalid input.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:h:honeywell:falcon_xlweb_linux_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:honeywell:falcon_xlweb_xlwebexe:*:*:*:*:*:*:*:*

Information

Published : 2014-07-24 07:55

Updated : 2018-05-26 18:29


NVD link : CVE-2014-3110

Mitre link : CVE-2014-3110


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

honeywell

  • falcon_xlweb_linux_controller
  • falcon_xlweb_xlwebexe