CVE-2011-3144

N/A Unknown

Published: August 16, 2011 Modified: April 29, 2026

Description

Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/44955

Source: cve@mitre.org

Third Party Advisory

http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/

Source: cve@mitre.org

Third Party Advisory

http://www.osvdb.org/72987

Source: cve@mitre.org

Broken Link

http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01.pdf

Source: cve@mitre.org

Patch Third Party Advisory US Government Resource

http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf

Source: cve@mitre.org

Patch Third Party Advisory US Government Resource

http://secunia.com/advisories/44955