CVE-2022-43711 Information

Description

Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks (XSS) because the CSP header uses eval() in the script-src.

Reference

https://service.gxsoftware.com https://service.gxsoftware.com/hc/nl/articles/12208173122461