CVE-2014-5382
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937) allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0022 (0.2%)
Percentile: 45.1%
EPSS: 2026-05-06
Affects
schrack:technik_microcontrol_firmwareschrack:technik_microcontrolTechnical description
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937) allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors.
Published: 8/20/2014, 2:55:06 PM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://seclists.org/fulldisclosure/2014/Jul/40
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt
- http://seclists.org/fulldisclosure/2014/Jul/40
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt