MEDIUM
HMS Industrial Networks
CVE published 2024-07-11
CVE-2024-6558
CISA published advisory ICSA-24-193-20 on 2024-07-11 disclosing a stored cross-site scripting (XSS) vulnerability in HMS Industrial Networks Anybus-CompactCom 30 products. The flaw stems from missing input sanitization, allowing attackers to inject and persist HTML/ JavaScript in input fields. When a user subsequently loads the affected page, the browser executes the payload, creating a vector for social [truncated]