A stored cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to cause JavaScript code to be stored in LXCA which may then be executed in the user's web browser. The JavaScript code is not executed on LXCA itself.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: lenovo

Published: 2019-09-03T18:50:11.005700Z

Updated: 2024-09-17T02:52:15.667Z

Reserved: 2019-01-11T00:00:00

Link: CVE-2019-6180

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2019-09-03T19:15:10.710

Modified: 2022-10-14T03:32:08.443

Link: CVE-2019-6180

cve-icon Redhat

No data.