Patches (limited access): https://wdn.wonderware.com/sites/WDN/Pages/Downloads/Software.aspx
ICS-CERT advisory ICSA-13-113-01: https://ics-cert.us-cert.gov/advisories/ICSA-13-113-01\
- SQLi ~10 instances
- XSS ~30 instances
- XXE/XXE OOB/“ADSI Injection” and other interesting stuff…
Thanks to Invensys security team for collaboration and rapid fixes.