Security
Headlines
HeadlinesLatestCVEs

Headline

ABB Cylon Aspect 3.08.02 (WatchDogServlet) Authenticated Reflected XSS

The ABB BMS/BAS controller suffers from an authenticated reflected cross-site scripting vulnerability. Input passed to the GET parameter ‘name’ is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user’s browser session in context of an affected site.

Zero Science Lab
#xss#vulnerability#js#perl#auth

Zero Science Lab: Latest News

ABB Cylon Aspect 3.08.02 (WatchDogServlet) Authenticated Reflected XSS