Back to search
CVE-2020-28210
Published: Nov 19, 2020
Modified: May 28, 2026
PUBLISHED
Description
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 - V3.1 that could cause an attacker to inject HTML and JavaScript code into the user's browser.
| Vendor | Product | Versions |
|---|---|---|
n/a | EcoStruxure Building Operation WebStation V2.0 - V3.1 | affected EcoStruxure Building Operation WebStation V2.0 - V3.1 |
Weaknesses (CWE)
References
https://www.se.com/ww/en/download/document/SEVD-2020-315-04/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now