Medium severity4.8NVD Advisory· Published Mar 26, 2018· Updated Jun 17, 2026

CVE-2018-1189

Description

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Antivirus Page within the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Dell/Isilonllm-fuzzy
Range: >=7.1.1.11, >=7.2.1.x, >=8.0.0.0 <=8.0.0.6, >=8.0.1.0 <=8.0.1.2, >=8.1.0.0 <=8.1.0.1
EMC Corporation/Isilon Onefscpe-rescue
Range: versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, 8.0.0.0 - 8.0.0.6, versions 7.2.1.x and version 7.1.1.11

Patches

Vulnerability mechanics

References

www.coresecurity.com/advisories/dell-emc-isilon-onefs-multiple-vulnerabilitiesnvdExploitThird Party Advisory
www.exploit-db.com/exploits/44039/nvdExploitThird Party AdvisoryVDB Entry
seclists.org/fulldisclosure/2018/Mar/50nvdMailing ListThird Party Advisory
www.securityfocus.com/bid/103033nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.312
epss	0.023
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000