Persistent XSS Vulnerability in TCMAN GIM v8.0.1

Persistent XSS Vulnerability in TCMAN GIM v8.0.1

CVE-2022-36277 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The 'sReferencia', 'sDescripcion', 'txtCodigo' and 'txtDescripcion' parameters, in the frmGestionStock.aspx and frmEditServicio.aspx files in TCMAN GIM v8.0.1, could allow an attacker to perform persistent XSS attacks.

Learn more about our Web Application Penetration Testing UK.