Cross-Site Scripting Vulnerability in Microchip GridTime 3000
CVE-2026-12619

5.1MEDIUM

Key Information:

Vendor: Microchip
Status: Gridtime 3000
Vendor: CVE Published:; 19 June 2026

What is CVE-2026-12619?

An improper neutralization of input during the web page generation has been identified in Microchip GridTime 3000, allowing for Cross-Site Scripting (XSS) attacks. This vulnerability affects specific versions of the GridTime 3000, enabling attackers to inject malicious scripts into web pages viewed by users. Such exploits can lead to unauthorized information disclosure, session hijacking, and other significant security risks. Users are encouraged to review their systems and apply the necessary updates to mitigate this vulnerability.

Affected Version(s)

GridTime 3000 1.0r0.03 <= 1.1r0.0

References

https://www.microchip.com/en-us/solutions/technologies/em...

vendor-advisory

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2026
Vulnerability Reserved
Jun 18, 2026

CVE-2026-12619 Data

JSON