Scada-LTS Stored Cross-Site Scripting Vulnerability in PointHierarchy Endpoint

A stored cross-site scripting vulnerability has been identified in Scada-LTS version 2.7.8.1. The issue resides in the pointHierarchy/new/ endpoint, where user input in the Title argument is not properly validated or sanitized. This flaw allows for the injection of malicious scripts, which are stored on the server and executed automatically when the page is accessed by users. The vulnerability can be exploited remotely, although it may require administrative permissions.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user accessing the affected page. This could lead to session hijacking, credential theft, delivery of malware, and defacement of websites, among other risks.

Reproduction

To reproduce this vulnerability, access the pointHierarchy/new/ endpoint. Click on the '+' button to add a new entry, then insert a script payload into the Title field. After saving the entry by clicking the 'Yes' button, the injected script will be executed automatically.