CNNVD-202508-794 Information

Aug 08, 2025 cve

CNNVD ID

CNNVD-202508-794

CVE-2025-8743

CNNVD Published: 2025-08-08

Description (Chinese)

Scada-LTS是Scada-LTS开源的一个开源、基于 web 的多平台解决方案。 Scada-LTS 2.7.8.1及之前版本存在代码注入漏洞，该漏洞源于对参数Name的错误操作，导致跨站脚本。

Description (English)

Scada-LTS is an open source, web-based multi-platform solution for Scada-LTS open source. Scada-LTS 2.7.8.1 and previous versions contain a code-injecting loophole, which results from an error in the parameter name and leads to a cross-site script.

Hazard Level

Critical

Vulnerability Type

代码注入

Published

2025-08-08

Last Modified

2026-02-24

References

https://github.com/marcelomulder/CVE/blob/main/Scada-LTS/Cross-Site_Scripting_(XSS)_Stored_endpoint_data_source_edit.shtm_parameter_name.md#poc https://github.com/marcelomulder/CVE/blob/main/Scada-LTS/CVE-2025-8743.md https://vuldb.com/?ctiid.319239 https://vuldb.com/?id.319239 https://vuldb.com/?submit.623428 https://access.redhat.com/security/cve/cve-2025-8743

Share on: