CVE-2018-11450 - AskarLabs CVE Database

CVE-2018-11450

Vendor Siemens Ag

Product Siemens PLM Software TEAMCENTER

Weakness CWE-79 · XSS

Published July 9, 2018

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). If a user visits the login portal through the URL crafted by the attacker, the attacker can insert html/javascript and thus alter/rewrite the login portal page. Siemens PLM Software TEAMCENTER V9.1.3 and newer are not affected.

Key dates

02Disclosure timeline

July 9, 2018 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-11450 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2025-55064 Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') CVE-2026-35014 Open ISES Tickets < 3.44.2 Reflected XSS via routes_nm.php ticket_id Parameter CVE-2024-7939 Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x CVE-2023-35929 Tuleap Cross-site Scripting vulnerability in the card field of the agile dashboard apps CVE-2023-1853 SourceCodester Online Payroll System employee_edit.php cross site scripting