Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Reflected) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of user supplied data and achieve a Cross-Site Scripting reflected attack against other WebReport users.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Schneider Electric EcoStruxure Building Operation WebReports 跨站脚本漏洞
Vulnerability Description
施耐德电气 Schneider Electric EcoStruxure Building Operation WebReports是法国施耐德电气公司的一个企业级楼宇控制系统的基于Web的控制平台。 Schneider Electric EcoStruxure Building Operation WebReports 1.9版本至3.1版本存在跨站脚本漏洞,攻击者可利用该漏洞远程注入任意Web脚本或HTML由于不正确的卫生处理的用户提供的数据,实现跨站点脚本攻击其他WebReport用户反映出来。
CVSS Information
N/A
Vulnerability Type
N/A