CVE-2022-26972 Information

Description

Barco Control Room Management Suite web application which is part of TransForm N before 3.14 is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized leading to reflected XSS.

Reference

https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12685