Description
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 - V3.1 that could cause an attacker to inject HTML and JavaScript code into the user's browser.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | EcoStruxure Building Operation WebStation V2.0 - V3.1 | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2020-20694 | A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 - V3.1 that could cause an attacker to inject HTML and JavaScript code into the user's browser. |
References
| Link | Providers |
|---|---|
| https://www.se.com/ww/en/download/document/SEVD-2020-315-04/ |
|
History
No history.
MITRE
Status: PUBLISHED
Assigner: schneider
Published:
Updated: 2024-08-04T16:33:58.334Z
Reserved: 2020-11-05T00:00:00.000Z
Link: CVE-2020-28210
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-11-19T21:15:12.277
Modified: 2024-11-21T05:22:28.830
Link: CVE-2020-28210
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses