CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-5317

Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated malicious user could exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.9%

CVSS Severity

CVSS v3 Score 6.2

CVSS v2 Score 3.5

References

https://www.dell.com/support/security/en-us/details/540788/DSA-2020-016-Dell-EMC-ECS-Cross-Site-Scripting-XSS-Vulnerability
https://www.dell.com/support/security/en-us/details/540788/DSA-2020-016-Dell-EMC-ECS-Cross-Site-Scripting-XSS-Vulnerability

Products affected by CVE-2020-5317

Dell » Emc Elastic Cloud Storage » Version: 3.4.0.0

cpe:2.3:a:dell:emc_elastic_cloud_storage:3.4.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5317

Products

Pricing

Contact Us