2 matches found
CVE-2014-5408
CVE-2014-5408 is a reflected XSS in the Nordex NC2 Wind Farm Portal login script (username parameter) affecting NC2 v15 and earlier. The vulnerability, exploitable remotely, can cause a user’s browser to execute arbitrary script/HTML; OpenVAS notes the potential to read cookies during exploitatio...
Nordex NC2 XSS Vulnerability
OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-13-304-01 Nordex NC2 – Cross-Site Scripting Vulnerability that was published October 31, 2013, on the NCCIC/ICS-CERT web site. Independent researcher Darius Freamon identified a cross-site scripting vulnerability in the Nordex...