CVE-2026-24323 — The BSP applications allow an unauthenticated user to inject malicious script content via user-controlled URL parameters that are not sufficiently sanitized. When a victim accesses a crafted URL, the — CVE Database · The Intelligence Room