An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.
References
Link | Resource |
---|---|
https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: bosch
Published: 2021-12-08T00:00:00
Updated: 2021-12-08T21:17:28
Reserved: 2021-01-12T00:00:00
Link: CVE-2021-23860
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-08T22:15:08.473
Modified: 2021-12-14T16:36:10.037
Link: CVE-2021-23860
JSON object: View
Redhat Information
No data.
CWE