CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2019-18588
https://notcve.org/view.php?id=CVE-2019-18588
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject javascript code and affect other authenticated users' sessions. Dell EMC Unisphere para PowerMax versiones anteriores a la versión 9.1.0.9, Dell EMC Unisphere para PowerMax versiones anteriores a la versión 9.0.2.16 y Dell EMC PowerMax OS versiones 5978.221.221 y 5978.479.479, contienen una vulnerabilidad de tipo Cross-Site Scripting (XSS). Un usuario malicioso autenticado puede explotar potencialmente esta vulnerabilidad para inyectar código JavaScript y afectar otras sesiones de usuarios autenticados. • https://www.dell.com/support/security/en-us/details/539808/DSA-2019-193-Dell-EMC-Unisphere-for-PowerMax-and-Dell-EMC-PowerMax-Embedded-Management-Cross-Site • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •