Cross-Site Scripting Vulnerability in Schneider Electric's Vijeo Historian, CitectHistorian, and CitectSCADAReports
CVE-2011-4035

Currently unrated

Key Information:

Vendor

Schneider Electric
Status
Vijeo Historian
Vendor
CVE Published:
2 December 2011

What is CVE-2011-4035?

An XSS vulnerability exists within Schneider Electric's Vijeo Historian, CitectHistorian, and CitectSCADAReports, allowing attackers to inject arbitrary web scripts or HTML through unspecified vectors. This flaw could enable remote attackers to manipulate web content viewed by users, potentially compromising sensitive information and affecting operational integrity. Organizations using the affected versions are urged to implement mitigation strategies and ensure their systems are updated to prevent exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/71503
vdb-entryx_refsource_XF
http://www.scada.schneider-electric.com/sites/scada/en/lo...
x_refsource_CONFIRM
http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.