Description
Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action.
CVSS Metrics
- Vector
- AV:N/AC:M/Au:N/C:N/I:P/A:N
- Access Vector
- network
- Access Cmplx
- medium
- Auth
- none
- Confidentiality
- none
- Integrity
- partial
- Availability
- none
- Weaknesses
- CWE-79
Metadata
- Primary Vendor
- SONICWALL
- Published
- 2/14/2014
- Last Modified
- 4/11/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
sonicwall : global_management_systemsonicwall : global_management_systemsonicwall : global_management_systemsonicwall : analyzersonicwall : analyzersonicwall : analyzersonicwall : global_management_systemsonicwall : global_management_systemsonicwall : global_management_system
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.