Medium severity5.4NVD Advisory· Published May 4, 2021· Updated Jun 17, 2026
CVE-2020-4987
CVE-2020-4987
Description
The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.5.2.8, <=1.6.1.2+ 1 more
- (no CPE)range: <=1.5.2.8, <=1.6.1.2
- (no CPE)range: 1.6.1.2
Patches
Vulnerability mechanics
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/192702nvdVDB EntryVendor Advisory
- www.ibm.com/support/pages/node/6449280nvdVendor Advisory
News mentions
0No linked articles in our index yet.