CVE-2026-9292
Rockwell Automation FactoryTalk® DataMosaix™ Private Cloud - Stored Cross-Site Scripting
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A Stored Cross-Site Scripting security issue exists within FactoryTalk® DataMosaix™ Private Cloud. The vulnerability stems from improper neutralization of user-supplied input within the Workflows configuration. An authenticated attacker with high privileges can inject malicious scripts that are permanently stored on the server. This vulnerability can result in the execution of malicious JavaScript when other users access the affected page, potentially allowing for account takeover, credential theft, or redirection to a malicious website.
| CWE | CWE-79 |
| Vendor | rockwell automation |
| Product | factorytalk® datamosaix™ private cloud |
| Published | Jul 14, 2026 |
| Last Updated | Jul 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for rockwell automation factorytalk® datamosaix™ private cloud
Be the first to know when new unknown vulnerabilities affecting rockwell automation factorytalk® datamosaix™ private cloud are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Rockwell Automation / FactoryTalk® DataMosaix™ Private Cloud
Version 8.02 and below