CVE-2016-6840
Cross-site scripting (XSS) vulnerability in the management interface in Huawei OceanStor ISM before V200R001C04SPC200 allows remote attackers to inject arbitrary web script or HTML via the loginName parameter to cgi-bin/doLogin_CgiEntry and possibly other unspecified vectors.
Date published : 2016-09-26
http://www.securityfocus.com/bid/92554
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160818-01-ism-en