CVE-2025-4417
AVEVA PI Connector for CygNet Cross-site Scripting
A cross-site scripting vulnerability exists in
AVEVA PI Connector for CygNet
Versions 1.6.14 and prior that, if exploited, could allow an
administrator miscreant with local access to the connector admin portal
to persist arbitrary JavaScript code that will be executed by other
users who visit affected pages.
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N
Produtos afetados
AVEVA · PI Connector for CygNetQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →