Vulnerability Details CVE-2021-23854
An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All other versions are not affected.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.3%
CVSS Severity
CVSS v3 Score 8.3
CVSS v2 Score 4.3
References
Products affected by CVE-2021-23854
-
cpe:2.3:h:bosch:cpp13:-
-
cpe:2.3:h:bosch:cpp6:-
-
cpe:2.3:h:bosch:cpp7.3:-
-
cpe:2.3:h:bosch:cpp7:-
-
cpe:2.3:o:bosch:cpp13_firmware:7.75
-
cpe:2.3:o:bosch:cpp13_firmware:7.76
-
cpe:2.3:o:bosch:cpp6_firmware:7.62
-
cpe:2.3:o:bosch:cpp6_firmware:7.70
-
cpe:2.3:o:bosch:cpp6_firmware:7.72
-
cpe:2.3:o:bosch:cpp7.3_firmware:7.62
-
cpe:2.3:o:bosch:cpp7.3_firmware:7.70
-
cpe:2.3:o:bosch:cpp7.3_firmware:7.72
-
cpe:2.3:o:bosch:cpp7_firmware:7.62
-
cpe:2.3:o:bosch:cpp7_firmware:7.70
-
cpe:2.3:o:bosch:cpp7_firmware:7.72