High
Multiple vulnerabilities due to cross-site scripting exist in the Energy Saving Data Collecting Server (EcoWebServerIII), which may result in information disclosure or information tampering of the product.
A vulnerability due to uncontrolled resource consumption exists in Energy Saving Data Collecting Server (EcoWebServerIII), which may result in a denial-of-service condition.
A vulnerability due to improperly controlled modification of dynamically determined object attributes exists in Energy Saving Data Collecting Server (EcoWebServerIII), which may result in a denial-of-service condition.
Mitsubishi Electric
Visit the vendor website to update the patches or implement the required workarounds: