Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, if the REST call invoked does not exist, an error will be triggered containing the invalid method previously invoked. The response sent to the user isn't sanitized in this case. An attacker can leverage this issue by including arbitrary HTML or JavaScript code as a parameter, aka XSS.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OSNEXUS QuantaStor v4虚拟设备跨站脚本漏洞
Vulnerability Description
OSNEXUS QuantaStor v4 virtual appliance是美国OSNEXUS公司的一款虚拟存储设备。 OSNEXUS QuantaStor v4虚拟设备4.3.1之前的版本中存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的HTML或JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A