CVE-2021-31558
EUVD-2021-1845522.12.2021, 19:15
DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthenticated user injects arbitrary code into the parameter “descr” of the script “DIAE_hierarchyHandler.ashx”.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| deltaww | diaenergie | 𝑥 ≤ 1.7.5 |
𝑥
= Vulnerable software versions