CVE-2025-3899 | Schneider Electric Modicon Controllers M241/Modicon Controllers M251 prior 5.3.12.51 Webserver cross site scripting (SEVD-2025-161-02)

Inserito da Angelo Barbosa | Giu 10, 2025 | CVE

A vulnerability was found in Schneider Electric Modicon Controllers M241 and Modicon Controllers M251 and classified as problematic. Affected by this issue is some unknown functionality of the component Webserver. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2025-3899. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-3899 | Schneider Electric Modicon Controllers M241/Modicon Controllers M251 prior 5.3.12.51 Webserver cross site scripting (SEVD-2025-161-02)

Post correlati

CVE-2024-48997 | Microsoft

CVE-2024-0615 | Content Control Plugin up to 2.1.0 on WordPress authorization

CVE-2024-50060 | Linux Kernel up to 6.1.112/6.6.56/6.11.3 io_uring state issue

CVE-2025-5082 | WP Attachments Plugin up to 5.0.12 on WordPress attachment_id cross site scripting