← Back

Cyberpowersystems

cyberpowersystems

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Powerpanel
powerpanel
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-13071
1Cyberpowersystems
1Powerpanel
Jun 17, 2026
Jul 10, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user i...Show more
CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page.Show less
CVE-2019-13070
1Cyberpowersystems
1Powerpanel
Jun 17, 2026
Jul 9, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
A stored XSS vulnerability in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows a privileged attacker to embed malicious JavaScript in the SNMP trap receivers form. Upon visiting the /agen...Show more
A stored XSS vulnerability in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows a privileged attacker to embed malicious JavaScript in the SNMP trap receivers form. Upon visiting the /agent/action_recipient Event Action/Recipient page, the embedded code will be executed in the browser of the victim.Show less