My Cloud - files.mycloud.com XSS Vulnerability


WDC Tracking Number: WDC-19017
Product Line: My Cloud
Published: July 27, 2021

Last Updated: July 27, 2021

Description

A XSS vulnerability was addressed in the My Cloud - files.mycloud.com which could allow an attacker to execute arbitrary client-side code in the user’s browser session or allow the attacker to modify the session cookie with a payload that could take over a victim's browser.

Site Impact
Last Updated
files.mycloud.com
May 2, 2019

Advisory Summary

Resolved the XSS vulnerability by data filtering and encoding. The vulnerability is fixed and deployed as of May 2, 2019.

Reported by: Ismail Hossain

Compare