CVE-2021-26596— NOKIA NetAct 18A 跨站脚本漏洞

N/A

An issue was discovered in Nokia NetAct 18A. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. Here, the /netact/sct filename parameter is used.

N/A

N/A

NOKIA NetAct 18A 跨站脚本漏洞

NOKIA NetAct 18A是芬兰诺基亚（NOKIA）公司的一个应用系统。提供一流的应用程序来实现无缝的日常网络操作，包括配置管理，监视和软件管理。 Nokia NetAct 18A 存在安全漏洞，该漏洞允许恶意用户可以更改上传文件的文件名，以包含JavaScript代码。

N/A

N/A