An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.

See SEL Service Bulletin dated 2022-11-15 for more details.

Related CVEs

CVE-2023-31154

Key Information

GHSA ID

GHSA-936r-mr8m-5pqx

Published

May 10, 2023 9:30 PM

Last Modified

April 4, 2024 4:01 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 1, 2025 6:44 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.