CVE-2021-26582
https://notcve.org/view.php?id=CVE-2021-26582
A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS). Una vulnerabilidad de seguridad en el módulo HPE IceWall SSO Domain Gateway Option (Dgfw) versión 10.0 en RHEL 5/6/7, versión 10.0 en HP-UX 11i versión v3, versión 10.0 en Windows y 11.0 en Windows, podría ser explotado remotamente para permitir ataques de tipo cross-site scripting (XSS) • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04086en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-7140
https://notcve.org/view.php?id=CVE-2020-7140
A security vulnerability in HPE IceWall SSO Dfw and Dgfw (Domain Gateway Option) could be exploited remotely to cause a remote cross-site scripting (XSS). HPE has provided the following information to resolve this vulnerability in HPE IceWall SSO DFW and Dgfw: https://www.hpe.com/jp/icewall_patchaccess Una vulnerabilidad de seguridad en HPE IceWall SSO Dfw y Dgfw (Domain Gateway Option) podría ser explotada remotamente para causar una vulnerabilidad de tipo cross-site scripting (XSS). HPE ha proporcionado la siguiente información para resolver esta vulnerabilidad en HPE IceWall SSO DFW y Dgfw: https://www.hpe.com/jp/icewall_patchaccess • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu04011en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •