CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26978
https://notcve.org/view.php?id=CVE-2022-26978
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The os_username parameters is not correctly sanitized, leading to reflected XSS. La aplicación web Barco Control Room Management Suite, que forma parte de TransForm N versiones anteriores a 3.14, expone un endpoint URL /checklogin.jsp. Los parámetros os_username no están correctamente saneados, conllevando a un XSS reflejado • https://www.barco.com/en/support/knowledge-base/KB12686 https://www.barco.com/en/support/transform-n-management-server • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26977
https://notcve.org/view.php?id=CVE-2022-26977
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS. La aplicación web Barco Control Room Management Suite, que forma parte de TransForm N versiones anteriores a 3.14, expone un mecanismo de carga de archivos de licencia. Una falta de saneo de la entrada del mecanismo de carga conlleva a un XSS almacenado • https://www.barco.com/en/support/knowledge-base/KB12683 https://www.barco.com/en/support/transform-n-management-server • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26976
https://notcve.org/view.php?id=CVE-2022-26976
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism is leads to reflected XSS. La aplicación web Barco Control Room Management Suite, que forma parte de TransForm N versiones anteriores a 3.14, expone un mecanismo de carga de archivos de licencia. Una falta de saneo de entradas en el mecanismo de carga conlleva a un XSS reflejado • https://www.barco.com/en/support/knowledge-base/KB12682 https://www.barco.com/en/support/transform-n-management-server • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26975
https://notcve.org/view.php?id=CVE-2022-26975
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication. La aplicación web Barco Control Room Management Suite, que forma parte de TransForm N versiones anteriores a 3.14, expone archivos de registro sin autenticación • https://www.barco.com/en/support/knowledge-base/KB12677 https://www.barco.com/en/support/transform-n-management-server • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26974
https://notcve.org/view.php?id=CVE-2022-26974
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a file upload mechanism. Lack of input sanitization in the upload mechanism leads to reflected XSS. La aplicación web Barco Control Room Management Suite, que forma parte de TransForm N versiones anteriores a 3.14, está exponiendo un mecanismo de carga de archivos. Una falta de saneo de entradas en el mecanismo de carga conlleva a un XSS reflejado • https://www.barco.com/en/support/knowledge-base/KB12684 https://www.barco.com/en/support/transform-n-management-server • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •