GHSA-5h7h-rxr9-2ccvMediumCVSS 5.7
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface...
🔗 CVE IDs covered (1)
📋 Description
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processing behavior controls.