CVE-2013-0688

Invensys Wonderware WIS <5.0 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (1)

[US Government Resource] http://ics-cert.us-cert.gov/advisories/ICSA-13-113-01

Scores

EPSS 0.0025

EPSS Percentile 47.9%

Details

CWE

CWE-79

Status published

Products (4)

invensys/wonderware_information_server

n/a/n/a

Published May 09, 2013

Tracked Since Feb 18, 2026