Tag
ABB B&R Automation Runtime versions before 6.4 are vulnerable to predictable number generation (CVE-2025-3449), reflected XSS (CVE-2025-3448), and CSV injection (CVE-2025-11498), potentially allowing attackers to hijack sessions or execute arbitrary code in a user's browser context.