CVE-2013-0672

Siemens WinCC (TIA Portal) 11 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.

References (2)

[US Government Resource] http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf

[Vendor Advisory] http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf

Scores

EPSS 0.0024

EPSS Percentile 47.1%

Details

CWE

CWE-79

Status published

Products (2)

siemens/wincc_tia_portal

n/a/n/a

Published Mar 21, 2013

Tracked Since Feb 18, 2026