2 matches found
CVE-2022-22804
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could allow an authenticated attacker to view data, change settings, or impact availability of the software when the user visits a page containing the injected payload. Affected...
CVE-2022-22804
The CVE-2022-22804 entry concerns an XSS (CWE-79) in EcoStruxure Power Monitoring Expert (versions 2020 and prior). The vulnerability arises from improper neutralization of input during web page generation, enabling an authenticated attacker to view data, change settings, or affect availability w...