CISA has released an advisory on improper access control, cross-site request forgery (CSRF), cross-site scripting, and inclusion of sensitive information in log files vulnerabilities in OSIsoft LLC PI Vision. Multiple products and versions of these products are affected. Successful exploitation of these vulnerabilities may allow disclosure of sensitive information and limit the availability of the system. OSIsoft recommends users upgrade to PI Vision 2019 and also offers defensive measures to resolve these issues. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.