A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP9 Security Patch 1). The integrated web application βOnline Helpβ in affected product contains a Cross-Site Scripting (XSS) vulnerability that could be exploited if unsuspecting users are tricked into accessing a malicious link.
[
{
"product": "Spectrum Power 4",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.70 SP9 Security Patch 1"
}
]
}
]