CVE-2026-3010

Critical CVSS: 9.3

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimePictra allows Query System for Information.This issue affects TimePictra: from 11.0 through 11.3 SP2.

Vendor

Microchip

Product

Timepictra

CWE

CWE-79

Yayın Tarihi

2026-02-28 12:16:39

Güncelleme

2026-03-10 14:29:50

Source Identifier

dc3f6da9-85b5-4a73-84a2-2ec90b40fca5

KEV Date Added

Kategoriler

CWE-79 Timepictra CRITICAL Microchip 2026

Referanslar

https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timepictra-stored-cross-site-scripting

Benzer Kayıtlar

Critical

CVE-2026-2844

Missing Authentication for Critical Function vulnerability in Microchip TimePictra allows Configuration/Environment Mani…

Medium

CVE-2025-47904

Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software…

High

CVE-2025-47900

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Ti…

High

CVE-2025-47901

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Ti…

High

CVE-2025-47902

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip Time Pro…