Cross-Site Scripting Vulnerability in Siemens XHQ Web Interface
CVE-2019-19285
5.4MEDIUM
Summary
A security vulnerability exists in Siemens XHQ web interface that could allow malicious users to initiate Cross-Site Scripting (XSS) attacks. By crafting deceptive links, attackers may exploit this weakness to manipulate unsuspecting users into executing malicious scripts in their web browsers, potentially leading to unauthorized access to sensitive information and further exploitation of the affected systems. Implementing robust security measures is essential to mitigate risks associated with such vulnerabilities.
Affected Version(s)
XHQ All Versions < 6.1
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved