CVE-2021-27436
N/A
N/A
Summary
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser actions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Advantech WebAccess/SCADA | Versions 9.0 and prior | affected |
Weaknesses
- CWE-79: IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.