A stored cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to cause JavaScript code to be stored in LXCA which may then be executed in the user's web browser. The JavaScript code is not executed on LXCA itself.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://support.lenovo.com/solutions/LEN-27805 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: lenovo
Published: 2019-09-03T18:50:11.005700Z
Updated: 2024-09-17T02:52:15.667Z
Reserved: 2019-01-11T00:00:00
Link: CVE-2019-6180
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-09-03T19:15:10.710
Modified: 2024-11-21T04:46:06.863
Link: CVE-2019-6180
Redhat
No data.