Security Advisory

CVE-2021-26247

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-19 20:38:53

Last updated 2024-08-03 20:19:20

Assigner redhat

State PUBLISHED

Description

As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL parameter.

← Browse all CVEs View on cve.org ↗