Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors involving special characters in parameters.
CPE | Name | Operator | Version |
---|---|---|---|
wincc | eq | 7.0 sp3 | |
wincc | eq | 7.0 sp3update1 |