Primary

Context

Microchip TimePictra Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in the Microchip TimePictra web application, affecting versions 11.0 through 11.3 SP2. The issue arises from improper input validation of the network element name parameter, allowing attackers to execute scripts that are stored and potentially executed in the context of other users.

Impact

Exploitation of this vulnerability could enable an attacker to collect application information, such as session IDs, from users who view the compromised data.

Remediation

It is recommended to control access to the web application. Microchip plans to address this vulnerability in a future release.

Added: Feb 28, 2026, 12:18 PM

Updated: Feb 28, 2026, 12:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.5

exploitability

5.0

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.5

exploitability

5.0

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microchip TimePictra Stored Cross-Site Scripting Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating