0X5Ea3O1F

Name of the Vulnerable Software and Affected Versions: Scada-LTS versions prior to 2.7.8.2 Description: A flaw exists in Scada-LTS’s Reports Module due to cross-site scripting. The issue stems from unknown processing of the file `/reports.shtm` and manipulation of the `Colour` argument. This manipulation can be initiated remotely. The exploit has been published. Recommendations: Update Scada-LTS to version 2.7.8.2 or later. As a temporary workaround, restrict access to the `/reports.shtm` file. Avoid using the `Colour` parameter in the affected Reports Module until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Scada-LTS versions prior to 2.7.8.2 Description: A vulnerability exists in Scada-LTS that allows for cross site scripting. The issue affects unknown code within the `/data point edit.shtm` file of the Data Point Edit Module. The manipulation of the `Text Renderer` properties argument can be exploited remotely. The exploit is publicly available. Recommendations: Update Scada-LTS to version 2.7.8.2 or later. As a temporary workaround, restrict access to the `/data point edit.shtm` file. Avoid manipulating the `Text Renderer` properties argument.