CVE-2023-28650 CVE-2023-28650

2023-03-2719:40:04

icscert

www.cve.org

unauthenticated

remote attacker

malicious link

javascript payload

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.3%

JSON

An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the target’s security context.

CNA Affected

[
  {
    "vendor": "SAUTER",
    "product": "EY-AS525F001 with moduWeb",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  }
]

References

www.cisa.gov/news-events/ics-advisories/icsa-23-082-03