A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to an RDT language file being improperly sanitized.
https://www.cisa.gov/news-events/ics-advisories/icsa-25-128-02
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true