Persistent XSS Vulnerability in Siemens RUGGEDCOM NMS < V1.2

Persistent XSS Vulnerability in Siemens RUGGEDCOM NMS < V1.2

CVE-2017-2683 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtaining administrative permissions.

Learn more about our Web App Pen Testing.