The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
800xa_information_manager | eq | 6.1 | |
800xa_information_manager | eq | 5.1 | |
800xa_information_manager | ge | 6.0.0 | |
800xa_information_manager | le | 6.0.3.2 |