2 matches found
CVE-2019-9508
The CVE-2019-9508 vulnerability affects the Vertiv Avocent UMG-4000 web interface (version 4.2.1.19). It is a stored cross-site scripting (XSS) flaw arising because the web interface does not sanitize input, enabling an authenticated administrator to store a maliciously named file that executes w...
Vertiv Avocent UMG-4000 vulnerable to command injection and cross-site scripting vulnerabilities
Overview The Vertiv Avocent Universal Management Gateway Model UMG-4000 is a data center management appliance. The web interface of the UMG-4000 is vulnerable to command injection, stored cross-site scripting XSS, and reflected XSS, which may allow an authenticated attacker with administrative...