Lucene search
China National Vulnerability DatabaseCNVD-2022-17788HistoryMar 09, 2022 - 12:00 a.m.
Siemens Climatix POL909 (AWM and AWB) Cross-Site Scripting Vulnerability (CNVD-2022-17788)
2022-03-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
siemens climatix
pol909
cross-site scripting
vulnerability
bacnet
javascript
exploited
EPSS
0.001
Percentile
31.3%
Siemens Climatix AWB (Advanced Web and BACnet Module, POL909) enables users of the Climatix 600 solution to connect to a BACnet IP network and implement and load customer web pages and features. Siemens Climatix AWM (Advanced Web Module, POL909) enables users of the Climatix 600 solution to implement and load customer web pages and features. The Siemens Climatix POL909 (AWM and AWB) contains a cross-site scripting vulnerability that could be exploited to send malicious JavaScript code that could hijack a userβs cookie /session token, redirect the user to a malicious web page, and perform unexpected browser actions.
Related
cvelist
cvelist
CVE-2021-41542
2022-03-08 11:31:11
cve
cve
CVE-2021-41542
2022-03-08 12:15:10
prion
prion
Cross site scripting
2022-03-08 12:15:00
nvd
nvd
CVE-2021-41542
2022-03-08 12:15:10
ics
ics
Siemens Climatix POL909
2022-03-10 12:00:00