2025-12-31 18:40:54
VulnCheck
PUBLISHED
COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scripting vulnerability in cookie parameters CMX_ADMIN_NM and CMX_COMPLEX_NM. Attackers can inject malicious HTML and JavaScript code into these cookie values to execute arbitrary scripts in a victims browser session.