Vulnerabilities > Bosch > Videojet Multi 4000 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-10-27 CVE-2022-40183 Cross-site Scripting vulnerability in Bosch Videojet Multi 4000 Firmware
An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting (XSS) in the web-based interface.
network
high complexity
bosch CWE-79
4.7
2022-10-27 CVE-2022-40184 Cross-site Scripting vulnerability in Bosch Videojet Multi 4000 Firmware
Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option.
network
low complexity
bosch CWE-79
4.8