CVE-2026-2072 - Vulnerability Analysis
HighCVSS: 8.2Last Updated: March 25, 2026
Hitachi Infrastructure Analytics Advisor & Hitachi Ops Center Analyzer - Stored XSS
Published: March 25, 2026Updated: March 25, 2026Remote Exploitable
Overview
Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer from 10.0.0-00 before 11.0.5-00 contain a stored cross-site scripting caused by improper input sanitization in the Analytics probe component, letting remote attackers execute scripts, exploit requires no special privileges.
Severity & Score
Severity: High
CVSS Score: 8.2
Impact
Remote attackers can execute arbitrary scripts in users' browsers, potentially stealing session data or performing actions on behalf of users.
Mitigation
Update to version 11.0.5-00 or later.
References
Related Resources
Details
- CVE ID
- CVE-2026-2072
- Severity
- High
- CVSS Score
- 8.2
- Type
- stored_xss
- Status
- new
CWE
- CWE-79
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L