CVE-2015-0513

Name of the Vulnerable Software and Affected Versions EMC M&R (aka Watch4Net) versions prior to 6.5u1 ViPR SRM versions prior to 3.6.1

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface. These vulnerabilities allow remote authenticated users with privileged access to inject arbitrary web script or HTML by setting crafted values of unspecified fields.

Recommendations For EMC M&R (aka Watch4Net) versions prior to 6.5u1, update to version 6.5u1 or later. For ViPR SRM versions prior to 3.6.1, update to version 3.6.1 or later.