Aruba Instant Web and Siemens SCALANCE W1750D Cross-Site Scripting

A reflected cross-site scripting (XSS) vulnerability CWE-79 exists in the web interface of the affected devices that allows an attacker to trick an administrator into clicking a link which could then take administrative actions on the device or expose a session cookie for an administrative session.