Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The X-XSS-Protection response header is not set to block, allowing attempts at reflected cross-site scripting.
CVSS Information
N/A
Vulnerability Type
保护机制失效
Vulnerability Title
OSIsoft PI Vision 跨站脚本漏洞
Vulnerability Description
OSIsoft PI是美国OSIsoft公司的一套基于Client/Server结构的商品化软件应用平台。该平台支持数据采集、分析和可视化等。OSIsoft PI Vision是使用在其中的一套可视化工具。 OSIsoft PI Vision 2017及之前版本中存在跨站脚本漏洞,该漏洞源于没有限制X-XSS-Protection响应包头。远程攻击者可利用该漏洞在浏览器中执行任意脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A