CVE-2026-6995

Name of the Vulnerable Software and Affected Versions BDCOM P3310D version 0.4.2 10.1.0F Build 86345

Description A security flaw in the New User Page component allows remote attackers to perform cross-site scripting (XSS), which is a technique where malicious scripts are injected into trusted websites. The issue exists within an unknown function of the '/index.asp' endpoint, specifically through the manipulation of the User name argument.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.