Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected while generating a certificate. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.dell.com/support/kbdoc/000185293 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2021-04-30T20:55:20.339400Z
Updated: 2024-09-17T01:11:50.815Z
Reserved: 2021-01-04T00:00:00
Link: CVE-2021-21542
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-04-30T21:15:08.820
Modified: 2021-05-10T17:44:01.483
Link: CVE-2021-21542
Redhat
No data.