2 matches found
Siemens CP1604 and CP1616 Improper Neutralization of Input During Web Page Generation (CVE-2018-13809)
A vulnerability has been identified in CP 1604 All versions, CP 1616 All versions. The integrated web server of the affected CP devices could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into following a malicious link. User interaction is required for a successful...
CVE-2018-13809
CVE-2018-13809 affects Siemens CP1604 and CP1616 devices. The vulnerability arises from Improper Neutralization of Input During Web Page Generation (XSS) in the devices’ integrated web server, allowing an attacker to craft a malicious link that could execute script in a logged-in user’s browser. ...