cvedb.io
CVE-2018-19006
MEDIUM · CVSS 4.8
EPSS exploitation probability: 0%
Published 2019-04-08T15:29:00.763 · Last modified 2026-06-17T01:48:37.577

Summary

OSIsoft PI Vision, versions PI Vision 2017, and PI Vision 2017 R2, The application contains a cross-site scripting vulnerability where displays that reference AF elements and attributes containing JavaScript are affected. This vulnerability requires the ability of authorized AF users to store JavaScript in AF elements and attributes.

Affected products

osisoft — pi_vision

Does this affect you?

Add your gear to cvedb and we'll alert you only when osisoft ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.