OpenPLC ScadaBR contains a cross-site scripting vulnerability accessible via the system_settings.shtm file. This vulnerability affects an open-source SCADA component that could be used by different industrial control products. The XSS vulnerability could potentially allow attackers to execute malicious scripts in the context of the SCADA application. Given its industrial control system context and potential for broader impact across multiple products using this component, this represents a significant security concern for operational technology environments.