Description

A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link.

Related CPE's

a

siemens

teamcenter_active_workspace

2

References

https://cert-portal.siemens.com/productcert/pdf/ssa-401167.pdf

PatchVendor Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-401167.pdf

PatchVendor Advisory

Weaknesses

[email protected]

Secondary
CWE-79

[email protected]

Primary
CWE-79

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.1 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-06-14T08:15:20.657Z

3 years ago

Last modified

2024-11-21T06:05:50.277Z

1 year ago