GHSA-2h7j-8929-4x9g
GitHub Security Advisory
⚠ Unreviewed
CRITICAL
Has CVE
Advisory Details
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, adversaries can craft URLs to modify the Document Object Model (DOM) of the page. In addition, adversaries can inject HTML script tags and HTML tags with JavaScript handlers to execute arbitrary JavaScript with the origin of the device.
Related CVEs
Key Information
9.0
/10
Dataset
Last updated: August 30, 2025 6:32 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.