Multiple Reflected XSS Vulnerabilities in BPC SmartVista 3.28.0: Exploiting Error Message Handling

Multiple Reflected XSS Vulnerabilities in BPC SmartVista 3.28.0: Exploiting Error Message Handling

CVE-2022-35554 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Multiple reflected XSS vulnerabilities occur when handling error message of BPC SmartVista version 3.28.0 allowing an attacker to execute javascript code at client side.

Learn more about our Web Application Penetration Testing UK.