PT-2022-24563 · Transtek · Transtek Mojodat Fam

Published: 2022-09-13 · Updated: 2022-09-17 · CVE-2022-38771

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Transtek Mojodat FAM (Fixed Asset Management) version 2.4.6

Description

The issue allows remote attackers to send SCRIPT tags as injected input to the API request, potentially leading to security issues.

Recommendations

For version 2.4.6, consider restricting access to the API endpoint to minimize the risk of exploitation until a patch is available. Avoid using the API request that allows injected input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2022-38771

Affected Products

Transtek Mojodat Fam