Vulnerability Details CVE-2020-16847
Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://documentation.extremenetworks.com/release_notes/netsight/XMC_8.5.0_Release_Notes.pdf
- https://gtacknowledge.extremenetworks.com/articles/Solution/000051136
- https://documentation.extremenetworks.com/release_notes/netsight/XMC_8.5.0_Release_Notes.pdf
- https://gtacknowledge.extremenetworks.com/articles/Solution/000051136
Products affected by CVE-2020-16847
-
cpe:2.3:a:extremenetworks:extreme_management_center:8.4.1.24
-
cpe:2.3:a:extremenetworks:extreme_management_center:8.5