CVE-2023-45796
Received Received - Intake
Stored XSS in Pilz PASvisu Runtime Component

Publication date: 2026-06-22

Last updated on: 2026-06-22

Assigner: CERT VDE

Description
A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-22
Last Modified
2026-06-22
Generated
2026-06-22
AI Q&A
2026-06-22
EPSS Evaluated
N/A
NVD
CVE-2023-45796
EUVD
EUVD-2023-60593
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
pilz pasvisu to 1.14.1 (exc)
pilz pmi to 2.0.33992 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a stored cross-site scripting (XSS) issue found in the Runtime component of Pilz PASvisu before version 1.14.1 and PMI v8xx up to and including version 2.0.33992.

It allows a low-privileged remote unauthenticated attacker to manipulate process data.

The vulnerability arises because malicious scripts can be stored and later executed, potentially compromising the integrity and availability of the affected system.

Impact Analysis

The vulnerability can impact you by allowing an attacker to manipulate process data, which can affect the integrity and availability of your system.

Since the attacker can be remote, unauthenticated, and low-privileged, this increases the risk of unauthorized data manipulation without requiring prior access.

The CVSS score of 8.1 indicates a high severity, emphasizing the potential serious impact on system operations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-45796. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart