CVE-2021-23860

An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.

CONFIRM: https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23860

14 years
257 countries
689k users
4555k calculations
Logo secutek.cz
Logo www.use-ip.co.uk
Logo www.elsec.cz
Logo www.systemy-stech.cz
Logo www.eleksys.cz
Logo www.power-shop.gr