CVE-2024-50561

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_eu:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_nam_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_nam:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:scalance_m812-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_a\):-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:scalance_m812-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_b\):-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:scalance_m816-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_a\):-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:siemens:scalance_m816-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_b\):-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:siemens:scalance_m874-3_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3_\(cn\):-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-3_\(rok\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3_\(rok\):-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-4_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(eu\):-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-4_\(nam\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(nam\):-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:siemens:scalance_mum853-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(a1\):-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:siemens:scalance_mum853-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(b1\):-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:siemens:scalance_mum853-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(eu\):-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(a1\):-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(b1\):-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(cn\):-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(eu\):-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(row\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(row\):-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*

History

13 Nov 2024, 19:57

Type Values Removed Values Added
References () https://cert-portal.siemens.com/productcert/html/ssa-354112.html - () https://cert-portal.siemens.com/productcert/html/ssa-354112.html - Patch, Vendor Advisory
CVSS v2 : unknown
v3 : 4.3
v2 : unknown
v3 : 6.1
First Time Siemens scalance Mum856-1 \(a1\) Firmware
Siemens scalance M876-4
Siemens ruggedcom Rm1224 Lte\(4g\) Eu Firmware
Siemens ruggedcom Rm1224 Lte\(4g\) Eu
Siemens scalance Mum856-1 \(b1\) Firmware
Siemens scalance M812-1 \(annex B\)
Siemens scalance S615
Siemens scalance M804pb Firmware
Siemens scalance M874-3
Siemens scalance S615 Eec
Siemens scalance M876-3 Firmware
Siemens scalance Mum853-1 \(b1\) Firmware
Siemens scalance Mum853-1 \(a1\)
Siemens scalance M874-2
Siemens scalance M816-1 \(annex A\) Firmware
Siemens scalance Mum856-1 \(a1\)
Siemens scalance M812-1 \(annex A\) Firmware
Siemens scalance M876-3
Siemens scalance M876-4 \(eu\) Firmware
Siemens scalance Mum853-1 \(b1\)
Siemens scalance M876-4 Firmware
Siemens scalance Mum853-1 \(eu\) Firmware
Siemens scalance M876-3 \(rok\)
Siemens scalance Mum856-1 \(eu\) Firmware
Siemens scalance Mum856-1 \(b1\)
Siemens scalance Mum856-1 \(eu\)
Siemens scalance M874-3 \(cn\) Firmware
Siemens ruggedcom Rm1224 Lte\(4g\) Nam Firmware
Siemens scalance Mum856-1 \(cn\) Firmware
Siemens scalance M826-2 Firmware
Siemens ruggedcom Rm1224 Lte\(4g\) Nam
Siemens
Siemens scalance M812-1 \(annex B\) Firmware
Siemens scalance S615 Firmware
Siemens scalance Mum856-1 \(row\) Firmware
Siemens scalance M826-2
Siemens scalance M816-1 \(annex B\) Firmware
Siemens scalance M876-4 \(nam\)
Siemens scalance M874-3 \(cn\)
Siemens scalance Mum856-1 \(row\)
Siemens scalance M876-4 \(nam\) Firmware
Siemens scalance Mum853-1 \(a1\) Firmware
Siemens scalance M874-3 Firmware
Siemens scalance M812-1 \(annex A\)
Siemens scalance M876-4 \(eu\)
Siemens scalance Mum856-1 \(cn\)
Siemens scalance S615 Eec Firmware
Siemens scalance M876-3 \(rok\) Firmware
Siemens scalance M816-1 \(annex A\)
Siemens scalance M874-2 Firmware
Siemens scalance Mum853-1 \(eu\)
Siemens scalance M816-1 \(annex B\)
Siemens scalance M804pb
Summary
  • (es) Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones &lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones &lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones &lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones &lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones &lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones &lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones &lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones &lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones &lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones &lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones &lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones &lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones &lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones &lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones &lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones &lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones &lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones &lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones &lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a la V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a la V8.2). Los dispositivos afectados no desinfectan correctamente los nombres de archivo antes de cargarlos. Esto podría permitir que un atacante remoto autenticado comprometa la integridad del sistema.
CPE cpe:2.3:h:siemens:scalance_m876-4_\(nam\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3_\(rok\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_eu:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(b1\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(eu\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_a\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum853-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m816-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m874-3_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(a1\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-4_\(nam\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m812-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(a1\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum853-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(b1\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-4_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_b\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3_\(cn\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m816-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(cn\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-3_\(rok\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_b\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(eu\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m812-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum853-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(row\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(row\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(eu\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_a\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_nam:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_nam_firmware:*:*:*:*:*:*:*:*

12 Nov 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-12 13:15

Updated : 2024-11-13 19:57


NVD link : CVE-2024-50561

Mitre link : CVE-2024-50561

CVE.ORG link : CVE-2024-50561


JSON object : View

Products Affected

siemens

  • scalance_mum856-1_\(eu\)_firmware
  • scalance_m874-2_firmware
  • scalance_m876-4_\(nam\)
  • scalance_m812-1_\(annex_a\)
  • scalance_mum856-1_\(b1\)
  • scalance_m876-4_\(eu\)
  • scalance_m816-1_\(annex_a\)_firmware
  • scalance_mum853-1_\(a1\)_firmware
  • scalance_mum853-1_\(a1\)
  • scalance_s615_firmware
  • scalance_m874-3_\(cn\)_firmware
  • scalance_s615_eec_firmware
  • scalance_mum853-1_\(b1\)
  • scalance_mum856-1_\(row\)
  • scalance_m804pb
  • ruggedcom_rm1224_lte\(4g\)_eu_firmware
  • ruggedcom_rm1224_lte\(4g\)_nam_firmware
  • scalance_m876-3_\(rok\)_firmware
  • scalance_m876-3_\(rok\)
  • ruggedcom_rm1224_lte\(4g\)_eu
  • scalance_m876-4
  • scalance_m876-4_firmware
  • scalance_m874-3_\(cn\)
  • scalance_m876-3
  • scalance_mum856-1_\(eu\)
  • scalance_mum853-1_\(eu\)_firmware
  • ruggedcom_rm1224_lte\(4g\)_nam
  • scalance_m876-3_firmware
  • scalance_mum856-1_\(b1\)_firmware
  • scalance_m826-2
  • scalance_mum856-1_\(cn\)_firmware
  • scalance_mum856-1_\(a1\)_firmware
  • scalance_m812-1_\(annex_b\)
  • scalance_m812-1_\(annex_a\)_firmware
  • scalance_m816-1_\(annex_a\)
  • scalance_m804pb_firmware
  • scalance_mum856-1_\(a1\)
  • scalance_m816-1_\(annex_b\)
  • scalance_mum856-1_\(row\)_firmware
  • scalance_m816-1_\(annex_b\)_firmware
  • scalance_m874-3_firmware
  • scalance_m876-4_\(eu\)_firmware
  • scalance_mum856-1_\(cn\)
  • scalance_mum853-1_\(b1\)_firmware
  • scalance_mum853-1_\(eu\)
  • scalance_m812-1_\(annex_b\)_firmware
  • scalance_m876-4_\(nam\)_firmware
  • scalance_s615
  • scalance_m874-2
  • scalance_s615_eec
  • scalance_m826-2_firmware
  • scalance_m874-3
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')