Reflected Cross-Site Scripting Vulnerability in Lenovo XClarity Administrator
CVE-2019-6181
6.1MEDIUM
Key Information:
- Vendor
Lenovo
- Vendor
- CVE Published:
- 3 September 2019
What is CVE-2019-6181?
A reflected cross-site scripting vulnerability exists in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0. This flaw may allow an attacker to craft a malicious URL that, when accessed by a user, can execute arbitrary JavaScript code within the user's web browser. It is important to note that the JavaScript code is not executed on the LXCA system itself but can compromise the user's session or data.
Affected Version(s)
XClarity Administrator (LXCA) < 2.5.0