Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nordex NC2 Cross-site Scripting
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the login script in the Wind Farm Portal on Nordex Control 2 (NC2) SCADA devices 15 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Nordex Control Wind Farm Portal 2 SCADA设备跨站脚本漏洞
Vulnerability Description
Nordex NC2(又名Nordex Control 2)是德国Nordex公司的一套用于风电行业的SCADA(数据采集与监视控制)系统。Wind Farm Portal是一套基于该系统的风机控制门户。 Nordex Control Wind Farm Portal 2 SCADA设备15及之前版本的登录脚本中存在跨站脚本漏洞。远程攻击者可借助‘username’参数利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A