CVE-2023-48255 Information

Description

The vulnerability allows an unauthenticated remote attacker to send malicious network requests containing arbitrary client-side script code and obtain its execution inside a victim’s session via a crafted URL HTTP request or simply by waiting for the victim to view the poisoned log.

Reference

https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html