Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager prior to 10.83.xx.18 on DS Series devices allows remote malicious users to inject arbitrary web script or HTML via the updateRegn parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm ds_storage_manager_host_software 10.60.x5.14 |
||
ibm ds_storage_manager_host_software 10.8 |
||
ibm ds_storage_manager_host_software |
||
ibm ds4100 |
||
ibm system_storage_dcs3700_storage_subsystem 1818 |
||
ibm system_storage_ds3200 1726 |
||
ibm system_storage_ds5100_storage_controller 1818 |
||
ibm system_storage_ds5300_storage_controller 1818 |
||
ibm ds4100 1724 |
||
ibm ds4200 1814 |
||
ibm ds4300 1722 |
||
ibm system_storage_ds3300 1726 |
||
ibm system_storage_ds3400 1726 |
||
ibm ds4400 1742 |
||
ibm ds4500 1742 |
||
ibm system_storage_ds3512 1746 |
||
ibm system_storage_ds3524 1746 |
||
ibm ds4700 1814 |
||
ibm ds4800 1815 |
||
ibm system_storage_ds3950_express 1814 |
||
ibm system_storage_ds5020_disk_controller 1814-20a |