The NCCIC has released an advisory on a reflected cross-site scripting vulnerability in SpiderControl SCADA WebServer. Successful exploitation of this vulnerability could allow an attacker to execute JavaScript on the victim’s browser. Versions prior to 2.03.0001 are affected. SpiderControl has released Version 2.03.0001, which fixes the vulnerability.  The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.