Modicon Quantum HTTP Server 'formTest' 'name' Parameter XSS
Medium Nessus Plugin ID 119147
SynopsisThe remote web server hosts a script that is affected by a cross- site scripting vulnerability.
DescriptionThe remote web server appears to be a Modicon Quantum controller vulnerable to a reflected cross-site scripting attack. An attacker can leverage this issue to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected device.
SolutionApply access controls to prevent the exploitation of this device.