MidnightBSD

Advisories for nordex

CVE-2014-5408 HIGH

Cross-site scripting (XSS) vulnerability in the login script in the Wind Farm Portal on Nordex Control 2 (NC2) SCADA devices 15 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
nordex nordex_control_2_scada *
CVE-2015-6477 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm Portal application in Nordex Control 2 (NC2) SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
nordex nordex_control_2_scada *