First published: Wed Mar 14 2018(Updated: )
A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The X-XSS-Protection response header is not set to block, allowing attempts at reflected cross-site scripting.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
OSIsoft PI Vision | <=2017 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2018-7504.
The title of this vulnerability is 'A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior.'
The severity of CVE-2018-7504 is medium with a CVSS score of 6.1.
The affected software is OSIsoft PI Vision versions 2017 and prior.
This vulnerability allows attempts at reflected cross-site scripting due to the X-XSS-Protection response header not being set to block.