[BRLY-2023-007] Cross-site scripting vulnerability in Supermicro BMC IPMI firmware in the config_ip_ctrl_change webpage using index GET parameter
The Binarly REsearch Team has discovered a DOM-based cross-site scripting (XSS) vulnerability in the config_ip_ctrl_change webpage, which uses the index GET parameter. The page is included in the web server component of Supermicro BMC IPMI firmware, and the vulnerability allows a possible attacker to gain access to an account with administrator privileges.