CVE-2012-3031

Name of the Vulnerable Software and Affected Versions Siemens WinCC versions 7.0 SP3 and earlier

Description The issue allows remote attackers to inject arbitrary web script or HTML via a GET parameter, POST parameter, or Referer HTTP header, potentially leading to cross-site scripting (XSS) attacks.

Recommendations For versions 7.0 SP3 and earlier, update to a version later than 7.0 SP3 to resolve the issue.