Real Time Automation 460MCBS 5.2.14 Cross Site Scripting

CVE Category Price Severity
N/A CWE-79 N/A High
Author Risk Exploitation Type Date
Unknown High Remote 2023-03-12
Our sensors found this exploit at:

Below is a copy:

Real Time Automation 460MCBS 5.2.14 Cross Site Scripting
Exploit Title:  Real Time Automation 460MCBS Cross Site Scripting (XSS)
Date: 2023-03-09
Exploit Author: Yehia Elghaly
Vendor Homepage:
Software Link:
Version: Revision 5.2.14
Tested on: Real Time Automation 

Summary: The Real Time Automation  460MCBS moves data between up to 32 Modbus TCP Servers and a BACnet/IP Building Automation System (BAS). Its a perfect tool to tie Modbus TCP power meters, boilers, chillers and other devices into your BACnet/IP Building Automation System

Description: The attacker can able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.: XSS found on when insert a payload after(/)

Payload: ?c12yy<script>alert('XSSYF')</script>p1ax8=1

[Affected Component]

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.