XSS in Schneider Electric Ats490 Altivar Soft Starter

CVE-2025-7746

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause an unvalidated data injected by a malicious user potentially leading to modify or read data in a victim’s br…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (31.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References