May 12, 2020

CISA has updated this advisory with additional information on the affected products and mitigation measures. Read the advisory at CISA.

September 12, 2019

CISA has published an advisory on a cross-site scripting vulnerability in 3S-Smart Software Solutions GmbH CODESYS V3 Library Manager. All 32 and 64 bit CODESYS Development System V3 versions prior to 3.5.15.0 are affected by this vulnerability. Successful exploitation of this vulnerability may allow malicious content from manipulated libraries to be displayed or executed. 3S-Smart Software Solutions GmbH has released Version 3.5.15.0 to resolve this vulnerability for all affected CODESYS products. CISA also recommends a series of measures for mitigating the vulnerability. Read the advisory at CISA.