Timepictra
Monthly
Microchip TimePictra versions 11.0 through 11.3 SP2 contain a reflected cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to inject malicious scripts through query parameters. Successful exploitation requires user interaction and can result in session hijacking, credential theft, or unauthorized information disclosure. No patch is currently available.
Timepictra versions up to 11.3 is affected by missing authentication for critical function (CVSS 7.5).
Microchip TimePictra versions 11.0 through 11.3 SP2 contain a reflected cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to inject malicious scripts through query parameters. Successful exploitation requires user interaction and can result in session hijacking, credential theft, or unauthorized information disclosure. No patch is currently available.
Timepictra versions up to 11.3 is affected by missing authentication for critical function (CVSS 7.5).