2 matches found
Trane HVAC Systems Controls Improper Neutralization of Input During Web Page Generation (CVE-2021-42534)
The affected product's web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
CVE-2021-42534
CVE-2021-42534 affects Trane Tracer SC (Trane Building Automation Controllers). The vulnerability arises from improper neutralization of input in the web application during webpage generation, enabling cross-site scripting (XSS) by injecting code via input forms. Affected product: Tracer SC firmw...