Scadabr: >> Scadabr >> 1.0ce Security Vulnerabilities
A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inject arbitrary web script or HTML via the username or password parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-10-14
ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/ PATH_INFO.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-09-15