Loading
RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. A malicious Security Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface which could then be included in a report. When other Security Console administrators open the affected report, the injected scripts could potentially be executed in their browser.
Use CWE-79, Emc vendor hub and Rsa Authentication Manager product page to widen CVE-2019-18574 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2019-3768, CVE-2018-11073 and CVE-2018-11074 for nearby disclosures in the same product family.