CVE-2021-27436

Name of the Vulnerable Software and Affected Versions WebAccess/SCADA versions 9.0 and prior

Description The issue allows an attacker to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser actions.

Recommendations For versions 9.0 and prior, update to a version later than 9.0 to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the WebAccess/SCADA system to minimize the risk of exploitation.