CVE-2022-26977 Information

Description

Barco Control Room Management Suite web application which is part of TransForm N before 3.14 is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS.

Reference

https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12683