Security Advisory

CVE-2021-21542

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-30 20:55:20
Last updated 2024-09-17 01:11:50
Assigner dell
State PUBLISHED

Description

Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected while generating a certificate. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application.