CVE-2020-4987
CVE-2020-4987 affects IBM FlashSystem 900 user management GUI. Stored XSS in the web UI allows embedding arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected code is VRMF 1.5.2.8 and prior and 1.6.1.2 and prior; fixes are available: 1.6.1.3 (1.6 s...