CVE-2021-29661

CVE-2021-29661

Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload will then be triggered every time an authenticated user browses the page containing it.

Source: CVE-2021-29661

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다