Product
An authenticated attacker with high privileges can exploit CVE-2026-9292, a Stored Cross-Site Scripting (XSS) vulnerability, in Rockwell Automation FactoryTalk DataMosaix Private Cloud versions 8.02 and earlier by injecting malicious scripts into the Workflows configuration, leading to execution of malicious JavaScript in other users' browsers and potential account takeover or credential theft.