2 matches found
CVE-2022-26978
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The osusername parameters is not correctly sanitized, leading to reflected XSS...
CVE-2022-26978
Barco Control Room Management Suite (TransForm N) before version 3.14 is affected. The vulnerability is a reflected XSS in the /checklogin.jsp endpoint where the os_username parameter is not properly sanitized, allowing client-side script execution. Exploitation context is network-based via that ...