The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ibc_solar | danfoss_tlx_pro+ | - |
| ibc_solar | servemaster_tlp+ | - |
IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to discover cleartext passwords by reading HTML source code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ibc_solar | danfoss_tlx_pro+ | - |
| ibc_solar | servemaster_tlp+ | - |
Multiple cross-site scripting (XSS) vulnerabilities in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ibc_solar | danfoss_tlx_pro+ | - |
| ibc_solar | servemaster_tlp+ | - |