PT-2025-34564 · Scada-Lts · Scada-Lts
Marceloqz
·
Publicado
2025-08-24
·
Atualizado
2025-08-24
·
CVE-2025-9388
CVSS v2.0
5.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
Scada-LTS versions up to 2.7.8.1
Description:
A cross-site scripting issue exists in Scada-LTS. The issue is due to manipulation of the
Name argument within the watch list.shtm file. This can be exploited remotely. The exploit has been publicly disclosed.Recommendations:
Versions prior to 2.7.8.1 should be updated.
As a temporary workaround, consider restricting or sanitizing the
Name argument in the watch list.shtm file.Exploit
Correção
XSS
Code Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Scada-Lts