XSS in Ge Intelligent_platforms_proficy_historian

CVE-2011-3320

Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (56.9th percentile) — read the EPSS interpretation.

Affected products

Ge Intelligent_platforms_proficy_historian — versions 3.1, 3.5
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

cret@cert.org (US Government Resource, x_refsource_MISC)
50473 (vdb-entry, x_refsource_BID)