The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2021-05-04T15:45:14.502211Z
Updated: 2024-09-17T03:59:23.672Z
Reserved: 2019-12-30T00:00:00
Link: CVE-2020-4987
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-05-04T16:15:07.827
Modified: 2022-01-01T18:03:56.647
Link: CVE-2020-4987
Redhat
No data.