← Zuruck zu CVEs
CVE-2025-26514
MEDIUM6.4
Beschreibung
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Reflected Cross-Site Scripting vulnerability. Successful exploit could allow an attacker to view or modify configuration settings or add or modify user accounts but requires the attacker to know specific information about the target instance and then trick a privileged user into clicking a specially crafted link.
CVE Details
CVSS v3.1 Bewertung6.4
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L
AngriffsvektorNETWORK
KomplexitatHIGH
Erforderliche PrivilegienNONE
BenutzerinteraktionREQUIRED
Veroffentlicht9/19/2025
Zuletzt geandert9/23/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
netapp:storagegrid
Schwachen (CWE)
CWE-79
Referenzen
https://security.netapp.com/advisory/NTAP-20250910-0001(security-alert@netapp.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.