A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability that could cause a vulnerability leading to a cross site scripting condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a page containing the injected payload.

A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability that could cause a vulnerability leading to a cross site scripting condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a page containing the injected payload.

Уязвимость программных средств создания панелей управления для систем управления электроэнергией EcoStruxure PowerSCADA Operation (PSO) - Advanced Reporting and Dashboards Module, EcoStruxure PowerOperation (EPO) - Advanced Reporting and Dashboards Module и программного обеспечения энергомониторинга EcoStruxure Power Monitoring Expert, связанная с непринятия мер по защите структуры веб-страницы, позволяющая нарушителю выполнить произвольный JavaScript-код