Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A cross-site request forgery vulnerability exists on the Secure Gateway component of Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 for multiple state-changing requests. This type of attack requires some level of social engineering in order to get a legitimate user to click on or access a malicious link/site containing the CSRF attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Schneider Electric PowerSCADA Anywhere和Citect Anywhere 跨站脚本漏洞
Vulnerability Description
Schneider Electric PowerSCADA Anywhere和Citect Anywhere都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric PowerSCADA Anywhere是一套变电站监控系统。Citect Anywhere是PowerSCADA Anywhere的移动应用程序。 Schneider Electric PowerSCADA Anywhere 1.0版本和Citect Anywhere 1.0版本中存在跨站脚本
CVSS Information
N/A
Vulnerability Type
N/A