CVE-2021-41542
Published: Mar 8, 2022
Modified: Aug 4, 2024
Description
A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The User Management page of affected devices is vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser action.
| Vendor | Product | Versions |
|---|---|---|
Siemens | Climatix POL909 (AWB module) | affected All versions < V11.44 |
Siemens | Climatix POL909 (AWM module) | affected All versions < V11.36 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now