CVE-2022-40183 Information

Description

An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker with knowledge of the encoder address can send a crafted link to a user which will execute JavaScript code in the context of the user.

Reference

https://psirt.bosch.com/security-advisories/bosch-sa-454166-bt.html