Vulnerabilities > Osisoft > PI WEB API > 2019

DATE CVE VULNERABILITY TITLE RISK
2021-11-18 CVE-2021-43549 Cross-site Scripting vulnerability in Osisoft PI web API
A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website.
network
osisoft CWE-79
3.5
2020-06-23 CVE-2020-12021 Cross-site Scripting vulnerability in Osisoft PI web API
In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitrary code.
network
osisoft CWE-79
6.0