2 matches found
CVE-2015-4174
Cross-site scripting XSS vulnerability in the integrated web server on the Siemens Climatix BACnet/IP communication module with firmware before 10.34 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2015-4174
Siemens Climatix BACnet/IP Communication Module contains a Cross-site scripting (XSS) vulnerability in its integrated web server. Affects firmware versions prior to 10.34; an attacker can inject arbitrary web script or HTML via a crafted URL, potentially impacting web-page integrity of the module...