This vulnerability involves a Cross Site Scripting (XSS) flaw in the Advantech WebAccess/SCADA 8.0-2015.08.16 product. Specifically, the issue arises in the Create New Project User component where the decryption field can be manipulated by a remote attacker to extract sensitive information. The vulnerability is publicly disclosed but lacks detailed technical data such as CVSS scoring or vendor remediation information. It is not a cloud service, and no known exploits have been reported.

The impact of this vulnerability is the potential unauthorized disclosure of sensitive information through exploitation of the XSS flaw. This could lead to information leakage that may aid further attacks. However, without detailed exploit data or CVSS scoring, the exact severity and scope of the impact remain unclear.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or temporary mitigation is documented, users should monitor vendor communications for updates. Until a patch is available, consider restricting access to the affected component and applying web application firewall rules to detect and block suspicious input targeting the decryption field.