Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. A remote malicious ACM admin user may potentially exploit this vulnerability to store malicious HTML or JavaScript code in Cloud DR add-on specific field. When victim users access the page through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.
Metrics
Affected Vendors & Products
References
History
No history.
![cve-icon](/static/img/cve-icon.png)
Status: PUBLISHED
Assigner: dell
Published: 2019-09-27T20:21:21.014325Z
Updated: 2024-09-17T00:26:31.837Z
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3747
![cve-icon](/static/img/cisa-icon.png)
No data.
![cve-icon](/static/img/nvd-icon.png)
Status : Modified
Published: 2019-09-27T21:15:10.207
Modified: 2024-11-21T04:42:27.437
Link: CVE-2019-3747
![cve-icon](/static/img/redhat-icon.png)
No data.