2 matches found
CVE-2020-7575
The CVE-2020-7575 entry affects Siemens Climatix POL908 (BACnet/IP module) and POL909 (AWM module). The vulnerability is a persistent cross-site scripting (XSS) flaw in the web server access log page that lets an attacker inject arbitrary JavaScript via specially crafted GET requests. Exploitatio...
Siemens Climatix (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Climatix Vulnerability: Cross-site Scripting, Basic XSS 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-105-04 Siemens Climatix...