CVSS: 6.1EPSS: 1%CPEs: 10EXPL: 1CVE-2014-0332 – DELL SonicWALL Universal Management Suite 7.1 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2014-0332
12 Feb 2014 — Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action. Vulnerabilidad de XSS en mainPage en Dell SonicWALL GMS anterior a 7.1 SP2, SonicWALL Analyzer anterior a 7.1 SP2 y SonicWALL UMA E5000 anterior a 7.1 SP2 podría permitir a atacantes remotos inyectar script W... • https://packetstorm.news/files/id/125180 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 1%CPEs: 10EXPL: 5CVE-2013-7025 – SonicWALL Gms 7.x - Filter Bypass / Persistent
https://notcve.org/view.php?id=CVE-2013-7025
09 Dec 2013 — Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp. Múltiples vulnerabilidades XSS en ematStaticAlertTypes.jsp en la sección de ajustes de alertas en Dell SonicWALL Global Management System (GMS), Analyz... • https://www.exploit-db.com/exploits/30054 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •