A vulnerability has been identified in SICAM WEB firmware for SICAM A8000 RTUs (All versions < V05.30). The login screen does not sufficiently sanitize input, which enables an attacker to generate specially crafted log messages. If an unsuspecting victim views the log messages via the web browser, these log messages might be interpreted and executed as code by the web application. This Cross-Site-Scripting (XSS) vulnerability might compromize the confidentiality, integrity and availability of the web application.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2020-08-14T15:24:06

Updated: 2024-08-04T13:22:30.684Z

Reserved: 2020-07-15T00:00:00

Link: CVE-2020-15781

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-08-14T16:15:16.853

Modified: 2024-11-21T05:06:10.020

Link: CVE-2020-15781

cve-icon Redhat

No data.