2 matches found
CVE-2021-42706
Summary: CVE-2021-42706 affects Advantech WebAccess HMI Designer (WebAccess/MHI Designer). The connected advisory details a Use After Free vulnerability (CWE-416) in WebAccess/MHI Designer, leading to information disclosure and arbitrary code execution via memory corruption when handling crafted ...
CVE-2021-42703
Vulnerability context: CVE-2021-42703 corresponds to a cross‑site scripting flaw in Advantech WebAccess HMI Designer (pre‑2.1.11.0). The issue stems from insufficient input filtering/escaping of user‑submitted parameters, enabling attacker‑supplied JavaScript to execute in the affected web contex...