What the vulnerability does
01Description
PiiGAB M-Bus does not validate identification strings before processing, which could make it vulnerable to cross-site scripting attacks.
CVSS base score
8.0/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
July 6, 2023
CVE published
November 13, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-5628 SourceCodester Food Menu Manager Add Menu index.php cross site scripting
CVE-2022-2113 Cross-site Scripting (XSS) - Stored in inventree/inventree
CVE-2025-22333 WordPress Piotnet Addons For Elementor plugin <= 2.4.31 - Cross-Site Scripting vulnerability
CVE-2024-0320 Cross-Site Scripting in FireEye Malware Analysis (AX)
CVE-2025-7618 A stored Cross-Site Scripting (XSS) vulnerability exists in the File Explorer and Text Editor of ADM
