2023-03-28 20:06:56
icscert
PUBLISHED
Osprey Pump Controller version 1.01 inputs passed to a GET parameter are not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a users browser session in context of an affected site.