Lucene search
China National Vulnerability DatabaseCNVD-2022-76492HistoryJun 30, 2022 - 12:00 a.m.
Hikvision Hybrid SAN/Cluster Storage Cross-Site Scripting Vulnerability
2022-06-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
15
0.001 Low
EPSS
Percentile
35.2%
A cross-site scripting vulnerability exists in Hikvision Hybrid SAN/Cluster Storage, a series of affordable and reliable hybrid SAN (storage area network) products from Hikvision, China. vulnerability stems from insufficient input validation in the web module. An attacker could exploit the vulnerability by sending a message with a malicious command to conduct a cross-site scripting attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| hikvision ds-a71024/48r-cvs <=v | eq | 1.1.4 | |
| hikvision ds-a72024/48r-cvs <=v | eq | 1.1.4 |
Related
cve
cve
CVE-2022-28172
2022-06-27 18:15:09
prion
prion
Input validation
2022-06-27 18:15:00
cvelist
cvelist
CVE-2022-28172
2022-06-27 00:00:00
nvd
nvd
CVE-2022-28172
2022-06-27 18:15:09
zdt
zdt
Hikvision Remote Code Execution / XSS / SQL Injection Vulnerabilities
2023-02-01 00:00:00