Vulnerabilities > Softing > OPC Toolbox > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-02 CVE-2021-29661 Cross-site Scripting vulnerability in Softing OPC Toolbox 4.10.1.13035
Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file.
network
low complexity
softing CWE-79
5.4
5.4