Multiple reflected cross-site scripting (XSS) vulnerabilities in the ErroreNonGestito.aspx component of GruppoSCAI RealGimm 1.1.37p38 allow attackers to execute arbitrary Javascript in the context of a victim user’s browser via a crafted payload injected into the VIEWSTATE parameter.
View the template here CVE-2023-41642.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-41642