A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 - V3.1 that could cause an attacker to inject HTML and JavaScript code into the userβs browser.
[
{
"product": "EcoStruxure Building Operation WebStation V2.0 - V3.1",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EcoStruxure Building Operation WebStation V2.0 - V3.1"
}
]
}
]