Cross Site Scripting Vulnerability in Advantech WebAccess/SCADA

CVE-2026-36226

What is CVE-2026-36226?

A Cross Site Scripting vulnerability exists in Advantech WebAccess/SCADA 8.0-2015.08.16, enabling remote attackers to exploit the Create New Project User component. By inserting crafted script code into the decryption field, attackers may gain unauthorized access to sensitive user information, posing significant data security risks for the affected systems.

References