CISA has published an advisory on a cross-site scripting vulnerability in Reliable Controls MACH-ProWebCom/Sys. For both MACH-ProWebSys and MACH-ProWebCom, all versions prior to 2.15 (firmware version prior to 8.26.4) are affected. Successful exploitation of this vulnerability could allow an attacker to execute commands on behalf of the affected user. Reliable Controls has released MACH-ProWebCom/Sys firmware revision 8.26.4 and software revision 2.15 to resolve the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.