| |
Vulnerability CVE-2024-38308
Published: 2024-09-27
Description: |
Advantech ADAM 5550's web application includes a "logs" page where all
the HTTP requests received are displayed to the user. The device doesn't
correctly neutralize malicious code when parsing HTTP requests to
generate page output. |
Type:
CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
References: |
https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-01
|
|
|
Copyright 2024, cxsecurity.com
|
|
|