Siemens OZW OZW672 and OZW772 Login Form Cross-Site Scripting (XSS) Vulnerability

Siemens OZW OZW672 and OZW772 Login Form Cross-Site Scripting (XSS) Vulnerability

CVE-2016-1488 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the login form in the integrated web server on Siemens OZW OZW672 devices before 6.00 and OZW772 devices before 6.00 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Learn more about our Web App Pen Testing.