Unrated severityNVD Advisory· Published Feb 16, 2024· Updated Apr 24, 2025
Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale)
CVE-2024-21984
Description
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a difficult to exploit Reflected Cross-Site Scripting (XSS) vulnerability. Successful exploit requires the attacker to know specific information about the target instance and trick a privileged user into clicking a specially crafted link. This could allow the attacker to view or modify configuration settings or add or modify user accounts.
Affected products
2<11.8+ 1 more
- (no CPE)range: <11.8
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.