Name of the Vulnerable Software and Affected Versions Галактика ERP (affected versions not specified)

Description The issue is related to a component that allows sending messages to connected users in the Галактика ERP enterprise resource management system. It is caused by insufficient protection of the web page structure. An attacker can exploit this issue by sending a special message with script tags, allowing them to execute arbitrary JavaScript code in the browser of a connected client.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.