CVE-2026-2400

Vulnerability Description

CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability exists that could cause application user credentials to reset when a Web Admin user alters the POST /setPCBEDesc request payload.

Vulnerability Details

Published Date

April 14, 2026

Last Modified

April 14, 2026

CWE ID

CWE-93

Source

NVD

External References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-104-01.pdf

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment