CVE-2020-10614

Summary

In OSIsoft PI System multiple products and versions, an authenticated remote attacker with write access to PI Vision databases could inject code into a display. Unauthorized information disclosure, deletion, or modification is possible if a victim views the infected display.

Affected Software

VendorProductVersion RangeStatus
n/aOSIsoft PI System multiple products and versionsOSIsoft PI System multiple products and versionsaffected

Weaknesses

  • CWE-79: IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79

ADP Enrichment

CVE Program Container

Additional References

References