CVE-2022-46381

Name of the Vulnerable Software and Affected Versions Linear eMerge E3-Series versions 0.32-07e through 0.32-09c

Description The issue affects certain Linear eMerge E3-Series devices, where they are vulnerable to XSS via the type parameter, specifically in the badging/badge template v0.php component.

Recommendations For versions 0.32-07e through 0.32-09c, as a temporary workaround, consider restricting access to the badging/badge template v0.php component until a patch is available. Avoid using the type parameter in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.