CVE-2018-1246

Dell EMC Unity and UnityVSA contains reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or Java Script code to Unisphere, which is then reflected back to the victim and executed by the web browser.
References
Link Resource
https://seclists.org/fulldisclosure/2018/Sep/30 Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:dell:emc_unityvsa_operating_environment:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_unity_operating_environment:*:*:*:*:*:*:*:*

Information

Published : 2018-09-28 11:29

Updated : 2019-10-09 16:38


NVD link : CVE-2018-1246

Mitre link : CVE-2018-1246


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

dell

  • emc_unity_operating_environment
  • emc_unityvsa_operating_environment