TranzAxis 3.2.41.10.26 - Authenticated Stored Cross-Site Scripting via Open Object in Tree Endpoint
TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open Object in Tree` endpoint, allowing attackers to steal session cookies and potentially escalate privileges.