11 matches found

Vulnrichment
added 2025/01/28 8:59 p.m. | 6 views

CVE-2025-24482 FactoryTalk® View Site Edition - Local Code Injection

A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to be executed with higher level permissions...

CVSS 7 | AI score 7 | EPSS 0.00247
Exploits 0 | References 1

NCSC
added 2024/09/13 8:52 a.m. | 12 views

Vulnerability fixed in Rockwell Automation FactoryTalk View Site

Rockwell Automation has fixed a vulnerability in FactoryTalk View Site. A malicious party could exploit the vulnerability to execute arbitrary code in the application, in the victim's context, using a Cross-Site Scripting attack. For successful exploitation, the malicious party must have access t...

CVSS 9.8 | AI score 7.1 | EPSS 0.01284
Exploits 0 | References 1

BDU FSTEC
added 2024/09/13 12:0 a.m. | 5 views

The vulnerability of the software for managing and monitoring manufacturing processes in Rockwell Automation’s FactoryTalk View Site Edition arises from the lack of measures taken to clean data at the management level. This allows a perpetrator to execute arbitrary code.

The vulnerability of the software for managing and monitoring manufacturing processes in Rockwell Automation’s FactoryTalk View Site Edition stems from the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary cod...

CVSS 10 | AI score 5.9 | EPSS 0.01284
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2024/09/12 2:5 p.m. | 40 views

CVE-2024-45824 FactoryTalk® View Site Edition Remote Code Execution Vulnerability via Lack of Input Validation

CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Injection, and XSS Vulnerabilities and allows for full unauthenticated remote code execution. The link in the mitigations section below contains...

CVSS 9.8 | EPSS 0.01284
Exploits 0 | References 1

Vulnrichment
added 2024/08/14 7:48 p.m. | 8 views

CVE-2024-7513 Rockwell Automation FactoryTalk® View Site Edition Code Execution Vulnerability via File Permissions

CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions...

CVSS 8.5 | AI score 7.6 | EPSS 0.01656
Exploits 0 | References 1

CVE
added 2023/10/27 6:28 p.m. | 56 views

CVE-2023-46289

Rockwell Automation FactoryTalk View Site Edition (V11.0 affected) suffers from improper input validation (CVE-2023-46289). Insufficient validation could allow a remote attacker to submit malicious data, potentially rendering the product unavailable and requiring a restart to recover, i.e., a den...

CVSS 7.5 | AI score 7.5 | EPSS 0.00898
Exploits 0 | References 1 | Affected Software 1

OSV
added 2020/10/26 2:15 p.m. | 10 views

CVE-2020-25470

AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site function. When viewing an added site, an XSS payload can be injected in cookies view which can lead to remote code execution...

CVSS 6.1 | AI score 5.9
Exploits 0 | References 1

NVD
added 2020/10/26 2:15 p.m. | 10 views

CVE-2020-25470

AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site function. When viewing an added site, an XSS payload can be injected in cookies view which can lead to remote code execution...

CVSS 6.1 | EPSS 0.01274
Exploits 1 | References 1

Prion
added 2020/10/26 2:15 p.m. | 20 views

Cross site scripting

AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site function. When viewing an added site, an XSS payload can be injected in cookies view which can lead to remote code execution...

CVSS 4.3 | AI score 6.2 | EPSS 0.01274
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2020/10/26 1:37 p.m. | 12 views

CVE-2020-25470

AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site function. When viewing an added site, an XSS payload can be injected in cookies view which can lead to remote code execution...

AI score 6.3 | EPSS 0.01274
Exploits 1 | References 1

CVE
added 2020/10/26 1:37 p.m. | 36 views

CVE-2020-25470

AntSword 2.1.8.1 is affected by a cross-site scripting (XSS) vulnerability in the View Site function. When an added site is viewed, an XSS payload can be injected in cookies view, which can lead to remote code execution. Affected component: AntSword 2.1.8.1; root cause: XSS in the View Site funct...

CVSS 6.1 | AI score 6.2 | EPSS 0.01274
Exploits 1 | References 1 | Affected Software 1