Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2012-01-13T04:14:38.987
2025-04-11T00:51:21.963
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | cogentdatahub | cascade_datahub | ≤ 6.4.20 | Yes |
| Application | cogentdatahub | cogent_datahub | ≤ 7.1.2 | Yes |
| Application | cogentdatahub | cogent_datahub | 7.0 | Yes |
| Application | cogentdatahub | cogent_datahub | 7.0.2 | Yes |
| Application | cogentdatahub | cogent_datahub | 7.1.0 | Yes |
| Application | cogentdatahub | cogent_datahub | 7.1.1 | Yes |
| Application | cogentdatahub | cogent_datahub | 7.1.1.63 | Yes |
| Application | cogentdatahub | opc_datahub | ≤ 6.4.20 | Yes |