NuytsTech Security

CVE-2016-6840

by ·

Cross-site scripting (XSS) vulnerability in the management interface in Huawei OceanStor ISM before V200R001C04SPC200 allows remote attackers to inject arbitrary web script or HTML via the loginName parameter to cgi-bin/doLogin_CgiEntry and possibly other unspecified vectors.

Date published : 2016-09-26

http://www.securityfocus.com/bid/92554

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160818-01-ism-en

Tags: