CVE-2024-9414

Name of the Vulnerable Software and Affected Versions: LAquis SCADA version 4.7.1.511

Description: A cross-site scripting vulnerability in LAquis SCADA could allow an attacker to inject arbitrary code into a web page, potentially enabling them to steal cookies, redirect users, or perform unauthorized actions. This issue is related to the lack of protection measures for the web page structure, which could allow a remote attacker to conduct cross-site scripting attacks.

Recommendations: For LAquis SCADA version 4.7.1.511, consider disabling web page functionality or restricting access to the web interface until a patch is available to prevent exploitation of the cross-site scripting vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.