CVE-2024-31414 Information

Description

The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. However the input fields for this feature in the Eaton Foreseer software lacked proper input sanitization on the server-side which could lead to injection and execution of malicious scripts when abused by bad actors.

Reference

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2024-1008.pdf