CVE-2020-28210
CVE-2020-28210 is a Cross-Site Scripting (CWE-79) vulnerability in EcoStruxure Building Operation WebStation (V2.0–V3.1). The root cause is improper input neutralization during webpage generation, enabling an authenticated remote user to inject HTML/JavaScript into other WebReport users’ browsers...