Dell EMC Unity Operating Environment versions before 5.0.0.0.5.116, Dell EMC UnityVSA versions before 5.0.0.0.5.116 and Dell EMC VNXe3200 versions before 3.1.10.9946299 contain a reflected cross-site scripting vulnerability on the cas/logout page. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or Java Script code to Unisphere, which is then reflected back to the victim and executed by the web browser.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dell emc unity operating environment |
||
dell emc unityvsa operating environment |
||
dell emc vnxe3200 firmware |