CyberSec.Space Logo
Back to CVE Browser

CVE-2011-3320

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0000%
EPSS Percentile8.76th
PublishedNov 2, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Affected Platforms (CPE)

πŸ“¦
Ge

Intelligent Platforms Proficy Historian

<= 4.0
πŸ“¦
Ge

Intelligent Platforms Proficy Historian

= 3.1
πŸ“¦
Ge

Intelligent Platforms Proficy Historian

= 3.5

References & Advisories

πŸ”— http://www.securityfocus.com/bid/50473
πŸ”— http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-02.pdf
πŸ”— http://www.securityfocus.com/bid/50473
πŸ”— http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-02.pdf

Related Vulnerabilities

CVE-2011-191810.0

Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x b...

CVE-2012-022910.0

The Data Archiver service in GE Intelligent Platforms Proficy Historian 4.5 and earlier allows remote attackers to cause a denial ...

CVE-2012-25159.3

Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (...

CVE-2012-25169.3

An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Pr...