Unrated severityNVD Advisory· Published Nov 2, 2011· Updated Jun 16, 2026
CVE-2011-3320
CVE-2011-3320
Description
Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Affected products
4cpe:2.3:a:ge:intelligent_platforms_proficy_historian:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ge:intelligent_platforms_proficy_historian:*:*:*:*:*:*:*:*range: <=4.0
- cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.5:*:*:*:*:*:*:*
- Range: <=4.x
Patches
Vulnerability mechanics
References
2- www.us-cert.gov/control_systems/pdf/ICSA-11-243-02.pdfnvdUS Government Resource
- www.securityfocus.com/bid/50473nvd
News mentions
0No linked articles in our index yet.