Unrated severityNVD Advisory· Published Sep 27, 2019· Updated Sep 17, 2024
CVE-2019-3747
CVE-2019-3747
Description
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. A remote malicious ACM admin user may potentially exploit this vulnerability to store malicious HTML or JavaScript code in Cloud DR add-on specific field. When victim users access the page through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.
Affected products
2- Range: <2.3
- Range: prior to 2.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.