VYPR
Unrated severityNVD Advisory· Published May 13, 2019· Updated Aug 5, 2024

CVE-2018-12304

CVE-2018-12304

Description

Cross-site scripting in Application Manager in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via multiple application metadata fields: Short Description, Publisher Name, Publisher Contact, or Website URL.

Affected products

2
  • Seagate/NAS OSdescription
  • Seagate/NAS OSllm-create
    Range: =4.3.15.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.