The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: hikvision

Published: 2022-06-27T17:50:40.922725Z

Updated: 2024-09-17T01:10:46.622Z

Reserved: 2022-03-29T00:00:00

Link: CVE-2022-28172

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-06-27T18:15:09.103

Modified: 2024-11-21T06:56:53.690

Link: CVE-2022-28172

cve-icon Redhat

No data.