CVE-2021-21515

Name of the Vulnerable Software and Affected Versions Dell EMC SourceOne versions 7.2SP10 and prior

Description The issue is a Stored Cross-Site Scripting vulnerability that can be exploited by a remote low privileged attacker. This could lead to hijacking user sessions or tricking a victim application user into sending arbitrary requests to the server.

Recommendations For versions 7.2SP10 and prior, consider restricting access to sensitive areas of the application to minimize the risk of session hijacking until a patch is available. As a temporary workaround, avoid using the application for sensitive transactions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.