CVE-2019-3747

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. A remote malicious ACM admin user may potentially exploit this vulnerability to store malicious HTML or JavaScript code in Cloud DR add-on specific field. When victim users access the page through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.
Configurations

Configuration 1


Information

Published : 2019-09-27 09:15

Updated : 2019-10-09 11:49


NVD link : CVE-2019-3747

Mitre link : CVE-2019-3747

CWE