Security Advisory

CVE-2020-24664

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-29 18:56:43

Last updated 2024-08-04 15:19:09

Assigner mitre

State PUBLISHED

Description

The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the pho:title attribute of dashboardXml parameter. Remediated in >= 7.1.0.25, >= 8.2.0.6, and >= 8.3.0.0 GA.

← Browse all CVEs View on cve.org ↗