The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP request.Referenceshttps://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html
