PT-2023-19677 · Unknown · Crm Bsp Frame

Published 2023-02-14 · Updated 2023-04-12 · CVE-2023-24529

CVSS v3.1: 6.1 Medium

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

BSP application (CRM BSP FRAME) versions 700 through 75H

Description

The issue is due to a lack of proper input validation, which allows malicious inputs from untrusted sources. An attacker can leverage this to execute a Reflected Cross-Site Scripting (XSS) attack, potentially hijacking a user session and reading and modifying sensitive information.

Recommendations

For versions 700 through 75H, as a temporary workaround, consider implementing proper input validation to prevent malicious inputs from untrusted sources. Restrict access to sensitive information and user sessions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-24529

Affected Products

Crm Bsp Frame