CVE-2014-2370

Summary

Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to inject arbitrary web script or HTML via crafted data.

Affected Software

VendorProductVersion RangeStatus
OmronNS158.1xx < 8.68xaffected
OmronNS128.1xx < 8.68xaffected
OmronNS108.1xx < 8.68xaffected
OmronNS88.1xx < 8.68xaffected
OmronNS58.1xx < 8.68xaffected

Weaknesses

  • CWE-79: CWE-79

ADP Enrichment

CVE Program Container

Additional References

References