Stored XSS Vulnerability in Barco Control Room Management Suite Web Application
CVE-2022-26977
6.1MEDIUM
What is CVE-2022-26977?
The Barco Control Room Management Suite web application, specifically versions of TransForm N prior to 3.14, is vulnerable due to an insecure license file upload mechanism. This flaw arises from inadequate input sanitization, resulting in a stored cross-site scripting (XSS) vulnerability. Attackers may exploit this issue to inject malicious scripts into the application, potentially compromising user data and session integrity.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved