Hitachi Energy Asset Suite Media Upload Component Vulnerability Allowing Cross-Site Scripting

Vulnerability

A vulnerability has been identified in the media upload feature of Hitachi Energy Asset Suite. This issue affects several versions and, if exploited, could allow an attacker to execute JavaScript code in the context of the user's session with the application. Such exploitation could compromise the confidentiality or integrity of the system.

Impact

Exploitation of this vulnerability could lead to cross-site scripting, allowing for the execution of malicious scripts in the user's browser.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.7

exploitability

4.6

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.7

exploitability

4.6

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hitachi Energy Asset Suite Media Upload Component Vulnerability Allowing Cross-Site Scripting

Vulnerability

Impact

Affected Products

Hitachi Energy Asset Suite

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating