Loading HuntDB...

GHSA-2h7j-8929-4x9g

GitHub Security Advisory

⚠ Unreviewed CRITICAL Has CVE

Advisory Details

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, adversaries can craft URLs to modify the Document Object Model (DOM) of the page. In addition, adversaries can inject HTML script tags and HTML tags with JavaScript handlers to execute arbitrary JavaScript with the origin of the device.

Related CVEs

Key Information

GHSA ID
GHSA-2h7j-8929-4x9g
Published
May 13, 2022 1:21 AM
Last Modified
May 13, 2022 1:21 AM
CVSS Score
9.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: August 30, 2025 6:32 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.