A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 - V3.1 that could cause an attacker to inject HTML and JavaScript code into the user’s browser.
CPE | Name | Operator | Version |
---|---|---|---|
ecostruxure_building_operation | ge | 2.0 | |
ecostruxure_building_operation | le | 3.1 |