CONPROSYS HMI System (CHS) < 3.7.7 Reflected Cross-Site Scripting

The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.

N/A

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Contec CONPROSYS HMI System 安全漏洞

Contec CONPROSYS HMI System是日本Contec公司的一个基于 HTML5 技术的 HMI（人机界面）/SCADA（监控和数据采集）软件产品。 Contec CONPROSYS HMI System 3.7.7之前版本存在安全漏洞，该漏洞源于getqsetting.php存在跨站脚本。

N/A

N/A