A cross-site scripting vulnerability exists in Hikvision Hybrid SAN/Cluster Storage, a series of affordable and reliable hybrid SAN (storage area network) products from Hikvision, China. vulnerability stems from insufficient input validation in the web module. An attacker could exploit the vulnerability by sending a message with a malicious command to conduct a cross-site scripting attack.
CPE | Name | Operator | Version |
---|---|---|---|
hikvision ds-a71024/48r-cvs <=v | eq | 1.1.4 | |
hikvision ds-a72024/48r-cvs <=v | eq | 1.1.4 |