CVE-2022-34451

Name of the Vulnerable Software and Affected Versions PowerPath Management Appliance versions 3.0 through 3.3

Description The issue concerns a Stored Cross-site Scripting vulnerability. An authenticated admin user could exploit this to hijack user sessions or trick a victim application user into sending arbitrary requests to the server.

Recommendations For versions 3.0 through 3.3, update to a version that contains a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of session hijacking.