My Cloud - XSS Vulnerability

WDC Tracking Number: WDC-19017
Product Line: My Cloud
Published: July 27, 2021

Last Updated: July 27, 2021


A XSS vulnerability was addressed in the My Cloud - which could allow an attacker to execute arbitrary client-side code in the user’s browser session or allow the attacker to modify the session cookie with a payload that could take over a victim's browser.

Site Impact
Last Updated
May 2, 2019

Advisory Summary

Resolved the XSS vulnerability by data filtering and encoding. The vulnerability is fixed and deployed as of May 2, 2019.

Reported by: Ismail Hossain