Remote Code Injection Vulnerability in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6

Remote Code Injection Vulnerability in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6

CVE-2022-38771 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to send SCRIPT tags as injected input to the API request.

Learn more about our Api Penetration Testing.