Aggregates CVE and security vulnerability intelligence across all ibc_solar-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling and vendor risk cross-site scripting and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2015-6475 | Multiple cross-site scripting (XSS) vulnerabilities in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 0.53% | 2015-09-26 | 2026-05-06 |
| CVE-2015-6474 | IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to discover cleartext passwords by reading HTML source code. | [email protected] | 5.0 | 0.53% | 2015-09-26 | 2026-05-06 |
| CVE-2015-6469 | The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors. | [email protected] | 5.0 | 0.53% | 2015-09-26 | 2026-05-06 |