This vulnerability in Caspio Bridge Custom Database Applications arises from improper neutralization of input during web page generation, leading to a DOM-based cross-site scripting (XSS) issue. It affects all versions up to 2.1. The CVSS score is 6.5 (medium severity), with an attack vector of network, low attack complexity, requiring low privileges and user interaction, and it impacts confidentiality, integrity, and availability to a limited degree. No vendor advisory or patch information is available to confirm remediation status.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary scripts in the context of the affected application, potentially leading to limited disclosure of information, modification of data, and disruption of service. The impact is rated medium based on the CVSS score and vector, indicating some risk but not critical system compromise. There are no known active exploits reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix or mitigation is released, users should exercise caution with untrusted input and consider implementing additional input validation or output encoding controls where possible. Monitor vendor communications for updates on patches or official mitigations.