CVE-2019-3490
N/A
N/A
Summary
A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions OES2015SP1, OES2018, and OES2018SP1. Older versions may be affected but were not tested as they are out of support.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| OES | Netstorage component of Open Enterprise Server | OES2015SP1 | affected |
| OES | Netstorage component of Open Enterprise Server | OES2018 | affected |
| OES | Netstorage component of Open Enterprise Server | and OES2018SP1 | affected |
Weaknesses
- DOM based XSS
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.