Vulnerability in Siemens Desigo Pxc4

CVE-2022-24039

A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The “addCell” JavaScript function fails to properly sanitize user-controllable input before includin…

EPSS: 0.021 (84.2th percentile) — read the EPSS interpretation.

Affected products

Siemens Desigo Pxc4 — versions All versions < V02.20.142.10-10884
Siemens Desigo Pxc5 — versions All versions < V02.20.142.10-10884

Weakness classification (CWE)

CWE-75

References

cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf (x_refsource_MISC)