Bma · Bma · CVE-2025-8319
**Name of the Vulnerable Software and Affected Versions**
BMA (affected versions not specified)
**Description**
The BMA login interface allows arbitrary JavaScript or HTML to be written directly into the page’s Document Object Model (DOM) via the `error=` URL parameter. This can lead to potential cross-site scripting (XSS) attacks.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.