Security Advisory

CVE-2019-9509

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-30 20:50:26

Last updated 2024-09-16 20:01:41

Assigner certcc

State PUBLISHED

Description

The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. The web application does not neutralize user-controllable input before displaying to users in a web page, which could allow a remote attacker authenticated with a user account to execute arbitrary code.

← Browse all CVEs View on cve.org ↗