CVE-2019-14415

Name of the Vulnerable Software and Affected Versions Veritas Resiliency Platform versions prior to 3.4 HF1

Description A persistent cross-site scripting issue allows a malicious user to inject malicious script into another user's browser, related to resiliency plans functionality. This occurs when a victim opens a resiliency plan that an attacker has access to.

Recommendations For versions prior to 3.4 HF1, update to version 3.4 HF1 or later to resolve the issue. As a temporary workaround, consider restricting access to resiliency plans to minimize the risk of exploitation.