XSS in Sandisk Ibi Web App

CVE-2024-22168

A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbit…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (24.2th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References