CVE-2020-26198
16.12.2020, 16:15
Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a reflected cross-site scripting vulnerability in the iDRAC9 web application. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victims browser by tricking a victim in to following a specially crafted link.
| Vendor | Product | Version |
|---|---|---|
| dell | idrac9_firmware | 𝑥 ≤ 4.32.10.00 |
| dell | idrac9_firmware | 4.40.00.00 |
𝑥
= Vulnerable software versions