The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim�s browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted.
2025-05-13T01:15:47.243
2025-05-13T19:35:25.503
Awaiting Analysis
CVSSv3.1: 4.4 (MEDIUM)
-