This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our private policy>

Security Notice - Statement on Security Researcher Revealing XSS Security Vulnerability in Huawei ISM Product on Packet Storm Website

  • Initial Release Date: 2016-07-29
  • Last Release Date: 2016-08-18

Huawei noticed that on July 27, 2016, security researcher zhiwei_jiang disclosed XSS security vulnerability regarding Huawei ISM on Packet Storm Website. Huawei immediately launched an investigation.

Huawei has finished investigation and analysis, confirmed that Huawei ISM is affected by this vulnerability. Huawei has delivered Security Advisories. The link of the security advisory is:

Customers can get necessary support for product security vulnerabilities through Huawei local technical service. 

2016-08-18 FINAL Add the SA link
2016-07-29 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit
To report a security vulnerability in Huawei products and solutions, please send it to For details, please visit