CVE-2019-3709
Description
IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while registering vCenter servers. A remote attacker can trick an admin user to potentially exploit this vulnerability to execute malicious HTML or JavaScript code in the context of the admin user.
Risk Information
Base Score
9.6
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.545
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability (CVE-2019-3709) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234