4 matches found
CVE-2016-6840
Cross-site scripting XSS vulnerability in the management interface in Huawei OceanStor ISM before V200R001C04SPC200 allows remote attackers to inject arbitrary web script or HTML via the loginName parameter to cgi-bin/doLoginCgiEntry and possibly other unspecified vectors...
CVE-2016-6840
Cross-site scripting XSS vulnerability in the management interface in Huawei OceanStor ISM before V200R001C04SPC200 allows remote attackers to inject arbitrary web script or HTML via the loginName parameter to cgi-bin/doLoginCgiEntry and possibly other unspecified vectors...
CVE-2016-6840
Huawei OceanStor ISM vulnerable to cross-site scripting (XSS) in its management interface before V200R001C04SPC200. The issue allows remote attackers to inject arbitrary web script or HTML via the loginName parameter to cgi-bin/doLogin_CgiEntry and possibly other vectors. Affects the ISM product'...
Security Advisory - XSS Vulnerability in Huawei OceanStor ISM
The OceanStor ISM is an integrated system management software product that allows users to manages CSS, view CSS alarms and some other types of basic information, and configure basic functions. The management interface of the OceanStor ISM has a XSS vulnerability because the system does not escap...