PT-2020-9966 · Dell Emc · Dell Emc Xtremio Xms
Published
2020-03-13
·
Updated
2020-03-18
·
CVE-2019-18578
CVSS v3.1
9.0
Critical
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Dell EMC XtremIO XMS versions prior to 6.3.0
Description:
The issue allows a low-privileged malicious remote user to store malicious HTML or JavaScript code in application fields. When victim users access the injected page through their browsers, the malicious code may be executed by the web browser in the context of the vulnerable web application.
Recommendations:
For Dell EMC XtremIO XMS versions prior to 6.3.0, update to version 6.3.0 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Emc Xtremio Xms