CVE-2018-18991
SpiderControl SCADA WebServer (versions prior to 2.03.0001) is affected by CVE-2018-18991: a reflected cross-site scripting (non-persistent) flaw caused by improper input neutralization during web page generation. An attacker can craft a URL to execute JavaScript in a victim’s browser. Mitigation...