Security Advisory

CVE-2018-11075

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-09-28 18:00:00
Last updated 2024-09-17 00:30:53
Assigner dell
State PUBLISHED

Description

RSA Authentication Manager versions prior to 8.3 P3 contain a reflected cross-site scripting vulnerability in a Security Console page. A remote, unauthenticated malicious user with knowledge of a target user's anti-CSRF token could potentially exploit this vulnerability by tricking a victim Security Console user into supplying malicious HTML or JavaScript code to the vulnerable web application. That code is then executed by the victim's web browser in the context of the vulnerable web application.