Cross site scripting

2021-06-0915:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

34.0%

JSON

An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All other versions are not affected.

CPENameOperatorVersion
cpp13_firmwareeq7.75
cpp13_firmwareeq7.76
cpp6_firmwareeq7.62
cpp6_firmwareeq7.70
cpp6_firmwareeq7.72
cpp7.3_firmwareeq7.62
cpp7.3_firmwareeq7.70
cpp7.3_firmwareeq7.72
cpp7_firmwareeq7.62
cpp7_firmwareeq7.70

Name	Operator	Version
cpp13_firmware	eq	7.75
cpp13_firmware	eq	7.76
cpp6_firmware	eq	7.62
cpp6_firmware	eq	7.70
cpp6_firmware	eq	7.72
cpp7.3_firmware	eq	7.62
cpp7.3_firmware	eq	7.70
cpp7.3_firmware	eq	7.72
cpp7_firmware	eq	7.62
cpp7_firmware	eq	7.70

Rows per page:

1-10 of 111

References

psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html

0.001 Low

EPSS

Percentile

34.0%

JSON

Related for PRION:CVE-2021-23854