3 matches found
CVE-2019-13932
A vulnerability has been identified in XHQ All versions V6.0.0.2. The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an attacker to be authenticated. A successful attack cou...
CVE-2019-13932
CVE-2019-13932 affects Siemens XHQ Operations Intelligence: all versions before 6.0.0.2 are vulnerable due to an IMPROPER INPUT VALIDATION (CWE-20) in the web interface. This could allow an unauthenticated attacker to manipulate web requests and potentially read or modify contents within the web ...
Siemens XHQ Operations Intelligence
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: XHQ Operations Intelligence Vulnerabilities: Cross-site Request Forgery, Improper Neutralization of Script-Related HTML Tags in a Web Page, Improper Input Validation 2. RISK...