Stored XSS Vulnerability in MegaBIP and SmodBIP Software

Stored XSS Vulnerability in MegaBIP and SmodBIP Software

CVE-2023-5378 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Improper Input Validation vulnerability in MegaBIP and already unsupported SmodBIP software allows for Stored XSS.This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2. MegaBIP 5.08 was tested and is not vulnerable. A precise range of vulnerable versions remains unknown.

Learn more about our Web Application Penetration Testing UK.