CyberSec.Space Logo
CVEブラウザに戻る

CVE-2011-3320

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0000%
EPSS Percentile8.76th
Published2011年11月2日
Last Modified2026年4月29日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Affected Platforms (CPE)

📦
Ge

Intelligent Platforms Proficy Historian

<= 4.0
📦
Ge

Intelligent Platforms Proficy Historian

= 3.1
📦
Ge

Intelligent Platforms Proficy Historian

= 3.5

References & Advisories

🔗 http://www.securityfocus.com/bid/50473
🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-02.pdf
🔗 http://www.securityfocus.com/bid/50473
🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-02.pdf

関連する脆弱性情報

CVE-2011-191810.0

Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x b...

CVE-2012-022910.0

The Data Archiver service in GE Intelligent Platforms Proficy Historian 4.5 and earlier allows remote attackers to cause a denial ...

CVE-2012-25159.3

Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (...

CVE-2012-25169.3

An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Pr...