Cross-Site Scripting Vulnerability in Pelco Sarix and Spectra Cameras
CVE-2018-7827
5.4MEDIUM
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 22 May 2019
What is CVE-2018-7827?
A Cross-Site Scripting (XSS) vulnerability exists in the Sarix Enhanced Camera and Spectra Enhanced PTZ Camera from Pelco, allowing remote attackers to inject arbitrary HTML and script code into a user's browser session. This flaw can lead to serious security implications, enabling attackers to manipulate user sessions and potentially access sensitive information.
Affected Version(s)
Pelco Sarix Enhanced and Spectra Enhanced, Pelco Sarix Enhanced 1st generation and Spectra Enhanced PTZ Pelco Sarix Enhanced and Spectra Enhanced, Pelco Sarix Enhanced 1st generation and Spectra Enhanced PTZ