Medium severity4.8NVD Advisory· Published Mar 26, 2018· Updated Jun 17, 2026

CVE-2018-1188

Description

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and versions 7.2.1.x is affected by a cross-site scripting vulnerability in the Authorization Providers page within the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

EMC Corporation/OneFSllm-create
Range: 7.2.1.x, 8.0.0.0-8.0.0.6, 8.0.1.0-8.0.1.2, 8.1.0.0-8.1.0.1
Dell/Isilonllm-fuzzy
Range: 7.2.1.x, 8.0.0.0-8.0.0.6, 8.0.1.0-8.0.1.2, 8.1.0.0-8.1.0.1
EMC Corporation/Isilon Onefscpe-rescue
Range: versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, 8.0.0.0 - 8.0.0.6, versions 7.2.1.x

Patches

Vulnerability mechanics

References

www.coresecurity.com/advisories/dell-emc-isilon-onefs-multiple-vulnerabilitiesnvdExploitThird Party Advisory
www.exploit-db.com/exploits/44039/nvdExploitThird Party AdvisoryVDB Entry
seclists.org/fulldisclosure/2018/Mar/50nvdMailing ListThird Party Advisory
www.securityfocus.com/bid/103033nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.312
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000