CVE-2012-3040

CVE-2012-3040 affects Siemens SIMATIC S7-1200 PLCs (web server) 2.x–3.0.1. The root cause is improper input neutralization in the web application (CWE-79), allowing remote attackers to inject arbitrary web script or HTML via a crafted URI. Impact described as enabling attacker-controlled JavaScri...

Siemens SIMATIC S7-1200 PLC 'web server' Component XSS Vulnerability (SSA-279823)

Siemens SIMATIC S7-1200 devices are prone to a cross-site scripting XSS vulnerability because they fail to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Siemens S7-1200 Web Application Cross Site Scripting

Overview This advisory provides mitigation details provided by Siemens for a vulnerability that impacts the Siemens S7-1200 Web Application Module. Siemens has reportedSSA-279823, http://www.siemens.com/corporate-technology/en/research-areas/siemens-cert-security-advisories.htm, Web site last...