A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to an RDT language file being improperly sanitized.
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true