Описание
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter (which reflect the user input without sanitization).
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter (which reflect the user input without sanitization).
EPSS
4.8 Medium
CVSS3
3.5 Low
CVSS2