5 matches found
CVE-2022-36325
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS...
Siemens SCALANCE Improper Neutralization of Script-Related HTML Tags in a Web Page (CVE-2022-36325)
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS. This plugin only works with Tenable.ot. Please visit...
CVE-2022-36325
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS...
CVE-2022-36325
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS...
CVE-2022-36325
Summary. CVE-2022-36325 affects Siemens SCALANCE web interfaces and is caused by improper neutralization of script-related HTML tags in output, enabling a DOM-based XSS when data is rendered. The vulnerability is applicable to multiple SCALANCE products (and related lines) as listed in the ICS/NC...