← back
CVE-2021-23854

Reflected XSS in page parameter

CVSS 8.3 HIGHEPSS 0.6%CWE-79
An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All other versions are not affected.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected products
Bosch · CPP Firmware

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html