Vulnerabilities > CVE-2021-44471 - Unspecified vulnerability in Deltaww Diaenergie 1.7.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthenticated user injects arbitrary code into the parameter “name” of the script “DIAE_HandlerAlarmGroup.ashx”.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |