CVE-2023-31177 Information

Description

An Improper Neutralization of Input During Web Page Generation  (‘Cross-site Scripting’) in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim’s system.

See product Instruction Manual Appendix A dated 20230830 for more details.

Reference

https://selinc.com/support/security-notifications/external-reports/ https://www.nozominetworks.com/blog/