Unrated severityNVD Advisory· Published Dec 8, 2021· Updated Sep 17, 2024

Reflected Cross Site Scripting (XSS) vulnerability in Bosch VRM / BVMS

CVE-2021-23860

Description

An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.

Affected products

Bosch/Divar Ip All In One 5000v5
Range: all

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

psirt.bosch.com/security-advisories/bosch-sa-043434-bt.htmlmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000