Vulnerability CVE-2022-29034


Published: 2022-06-14

Description:
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of JavaScript code. This could allow attackers to perform reflected cross-site scripting (XSS) attacks.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting
Steffen Robertz
22.06.2022

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf

Copyright 2024, cxsecurity.com

 

Back to Top