EPSS
Percentile
37.3%
Knowage Suite before 7.4 is vulnerable to cross-site scripting (XSS). An attacker can inject arbitrary external script in β/knowagecockpitengine/api/1.0/pages/executeβ via the βSBI_HOSTβ parameter.
github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/XSSI-KnowageSuite.md