CVE-2020-7546

CVE-2020-7546

Vendor N/A
Product EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information)
Weakness CWE-79 · XSS
Published December 1, 2020
Last update August 4, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow an attacker to perform actions on behalf of the authorized user when accessing an affected webpage.

Key dates

02Disclosure timeline

December 1, 2020 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-39528 WordPress Rescue Shortcodes plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability CVE-2026-2735 Stored Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms CVE-2024-4863 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.38 - Authenticated (Contributor+) Stored Cross-Site Scripting via titleFont Parameter CVE-2022-34857 WordPress SP Project & Document Manager plugin <= 4.59 - Reflected Cross-Site Scripting (XSS) vulnerability CVE-2025-57786