Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
(CWE-79)
Summary
A cross-site scripting vulnerability in the Builder Component of Pilz PASvisu before 1.14.1 allows a local unauthenticated attacker to inject malicious javascript and gain full control over the device.