Jay Mehta

**Name of the Vulnerable Software and Affected Versions** My Cloud web app (affected versions not specified) My Cloud Home web app (affected versions not specified) SanDisk ibi web app (affected versions not specified) WD Cloud web app (affected versions not specified) **Description** A Cross-Site Scripting (XSS) issue was found in the web apps for My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud devices. This could allow an attacker to redirect users to a crafted domain to reset their credentials or execute arbitrary client-side code in the user's browser session for malicious activities. **Recommendations** For My Cloud web app, the web app has been automatically updated to resolve this issue. For My Cloud Home web app, the web app has been automatically updated to resolve this issue. For SanDisk ibi web app, the web app has been automatically updated to resolve this issue. For WD Cloud web app, the web app has been automatically updated to resolve this issue.