Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-1246

Опубликовано: 28 сент. 2018
Источник: nvd
CVSS3: 4.7
CVSS3: 6.1
CVSS2: 4.3
EPSS Низкий

Описание

Dell EMC Unity and UnityVSA contains reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or Java Script code to Unisphere, which is then reflected back to the victim and executed by the web browser.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dell:emc_unity_operating_environment:*:*:*:*:*:*:*:*
Версия до 4.3.1.1525703027 (исключая)
cpe:2.3:a:dell:emc_unityvsa_operating_environment:*:*:*:*:*:*:*:*
Версия до 4.3.1.1525703027 (исключая)

EPSS

Процентиль: 48%
0.0025
Низкий

4.7 Medium

CVSS3

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

github логотип

GHSA-jp6c-fxpc-3qjr

CVSS3: 6.1
github
больше 3 лет назад

Dell EMC Unity and UnityVSA contains reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or Java Script code to Unisphere, which is then reflected back to the victim and executed by the web browser.

EPSS

Процентиль: 48%
0.0025
Низкий

4.7 Medium

CVSS3

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79