CVE-2020-28210 – A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting …

Vuln ID: CVE-2020-28210

Published:  2020-11-19  21:15:12Z

Description: A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 – V3.1 that could cause an attacker to inject HTML and JavaScript code into the user’s browser.

Source: NVD.NIST.GOV