1 results (0.004 seconds)

CVSS: 9.0EPSS: 0%CPEs: 11EXPL: 0

CVE-2021-21515

https://notcve.org/view.php?id=CVE-2021-21515

Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessions or to trick a victim application user to unknowingly send arbitrary requests to the server. Dell EMC SourceOne, versiones 7.2SP10 y anteriores, contienen una vulnerabilidad de tipo Cross-Site Scripting almacenado. Un atacante remoto poco privilegiado puede explotar esta vulnerabilidad para secuestrar sesiones de usuario o engañar a un usuario de la aplicación víctima para que, sin saberlo, envíe peticiones arbitrarias al servidor • https://www.dell.com/support/kbdoc/en-us/000183430/dsa-2021-043-dell-emc-sourceone-java-script-xss-stored-vulnerability • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •