A vulnerability has been identified in Spectrum Power™ 5 (All versions < v5.50 HF02). The web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. If deployed according to recommended system configuration, Siemens consideres the environmental vector as CR:L/IR:M/AR:H/MAV:A (4.1).
[
{
"product": "Spectrum Power™ 5",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions < v5.50 HF02"
}
]
}
]