Vulnerability CVE-2023-0746
Published: 2023-03-10

Description:
The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting.

 References:
https://www.incibe-cert.es/en/early-warning/ics-advisories/xss-vulnerability-gigavue-fm
Copyright 2026, cxsecurity.com

 

Back to Top