Vulnerability CVE-2021-32989
Published: 2022-05-25

Description:
When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://www.cisa.gov/uscert/ics/advisories/icsa-21-208-04
Copyright 2026, cxsecurity.com

 

Back to Top