Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4511.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Siemens SIMATIC WinCC HMI web服务器跨站脚本漏洞
Vulnerability Description
Siemens SIMATIC WinCC Flexible是一款集成了SIMATIC STEP 7、SIMATIC WinCC和SINAMICS StartDrive的工程设计软件平台。 Siemens SIMATIC WinCC多个版本中的HMI web服务器中存在跨站脚本漏洞。远程攻击者利用该漏洞借助未明向量注入任意web脚本或者HTML。这些版本包括:Siemens WinCC flexible 在SP3版本前的2004版本、2005版本、2007版本和2008版本,WinCC V11 (aka
CVSS Information
N/A
Vulnerability Type
N/A