CVE-2022-38732 Information

Description

SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented.

Reference

https://security.netapp.com/advisory/NTAP-20220926-0001/