CVE-2021-23860

An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.

CONFIRM: https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23860

15 years
257 countries
718k users
4697k calculations
Logo www.i4wifi.cz
Logo www.a1securitycameras.com
Logo blog.camcloud.com
Logo www.eleksys.cz
Logo www.clarecontrols.com
Logo ru.kedacom.com