Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-3010
PUBLISHED
More InfoOfficial Page
Assigner-Microchip
Assigner Org ID-dc3f6da9-85b5-4a73-84a2-2ec90b40fca5
View Known Exploited Vulnerability (KEV) details
Published At-28 Feb, 2026 | 11:45
Updated At-28 Feb, 2026 | 11:45
Rejected At-
▼CVE Numbering Authority (CNA)
TimePictra Stored Cross-Site Scripting

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimePictra allows Query System for Information.This issue affects TimePictra: from 11.0 through 11.3 SP2.

Affected Products
Vendor
Microchip
Product
TimePictra
Collection URL
https://www.microchip.com/en-us/products/clock-and-timing/systems/synchronization-management-monitoring/timepictra-11
Default Status
unaffected
Versions
Affected
  • From 11.0 through 11.3 SP2 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-79CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Type: CWE
CWE ID: CWE-79
Description: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Metrics
VersionBase scoreBase severityVector
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-54CAPEC-54 Query System for Information
CAPEC ID: CAPEC-54
Description: CAPEC-54 Query System for Information
Solutions
Configurations
Workarounds

Control access to the web application

Exploits
Credits
reporter
Steve Lin
reporter
Bastion Security
Timeline
EventDate
Reported2026-02-04 23:00:00
Event: Reported
Date: 2026-02-04 23:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timepictra-stored-cross-site-scripting
vendor-advisory
Hyperlink: https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timepictra-stored-cross-site-scripting
Resource:
vendor-advisory
Details not found