Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected while generating a certificate. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2021-04-30T20:55:20.339400Z

Updated: 2024-09-17T01:11:50.815Z

Reserved: 2021-01-04T00:00:00

Link: CVE-2021-21542

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-04-30T21:15:08.820

Modified: 2024-11-21T05:48:33.500

Link: CVE-2021-21542

cve-icon Redhat

No data.