2 matches found
CVE-2020-7570
A CWE-79 Improper Neutralization of Input During Web Page Generation Cross-site Scripting Stored vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to incorrect...
Schneider Electric EcoStruxure Building Operation WebReports 跨站脚本漏洞
Schneider Electric EcoStruxure Building Operation WebReports is a web application for creating, viewing and managing reports. A cross-site scripting vulnerability exists in Schneider Electric EcoStruxure Building Operation WebReports 1.9 - 3.1. The vulnerability stems from improper validation of...