Huawei noticed that on July 27, 2016, security researcher zhiwei_jiang disclosed XSS security vulnerability regarding Huawei ISM on Packet Storm Website. Huawei immediately launched an investigation.
Huawei has finished investigation and analysis, confirmed that Huawei ISM is affected by this vulnerability. Huawei has delivered Security Advisories. The link of the security advisory is:
Customers can get necessary support for product security vulnerabilities through Huawei local technical service.
2016-08-18 FINAL Add the SA link
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.
To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.