Vulnerability Type
Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)
(CWE-79)
Summary
In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are not properly escaped when displayed.
Impact
no impact information found