Vulnerability CVE-2024-38308
Published: 2024-09-27

Description:
Advantech ADAM 5550's web application includes a "logs" page where all
the HTTP requests received are displayed to the user. The device doesn't
correctly neutralize malicious code when parsing HTTP requests to
generate page output.

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-01
Copyright 2024, cxsecurity.com

 

Back to Top