MEDIUM
ITP Technology
CVE published 2026-05-29
CVE-2026-10057
ITS Intelligent SCADA System developed by ITP Technology contains a stored cross-site scripting (XSS) vulnerability. A privileged remote attacker can inject persistent JavaScript that executes in users' browsers when affected pages are loaded. The vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation). The CVSS 4.0 vector indicates network attack vector, low at [truncated]