CVE-2024-30476
MediumCVSS 5.4Summary
PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, which could lead to script execution in the client browser.
Risk Assessment
Exploitation of this vulnerability may lead to unauthorized script execution in user browsers, posing a risk of data theft or session hijacking.
Recommendation
It is recommended to update PowerStore to the latest version and implement appropriate security measures to mitigate the risk of XSS attacks.
Original NVD description (English source)
PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser.

