CVE-2021-23860

An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.

CONFIRM: https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23860

14 years
257 countries
685k users
4536k calculations
Logo www.cctvforum.com
Logo www.clarecontrols.com
Logo sectech.co.nz
Logo www.kelcom.cz
Logo www.elsec.cz
Logo ipcamtalk.com