CVE-2022-43711

Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks (XSS) because the CSP header uses eval() in the script-src. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt