CVE-2022-36277

Name of the Vulnerable Software and Affected Versions TCMAN GIM version 8.0.1

Description The issue concerns the sReferencia, sDescripcion, txtCodigo, and txtDescripcion parameters in the "frmGestionStock.aspx" and "frmEditServicio.aspx" files, which could allow an attacker to perform persistent XSS attacks.

Recommendations For TCMAN GIM version 8.0.1, consider restricting or sanitizing the input for the sReferencia, sDescripcion, txtCodigo, and txtDescripcion parameters in the affected files to prevent XSS attacks. As a temporary workaround, restrict access to the frmGestionStock.aspx and frmEditServicio.aspx files until a patch is available.