Vulnerability Details CVE-2022-33929
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.7%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2022-33929
-
cpe:2.3:a:dell:wyse_management_suite:-
-
cpe:2.3:a:dell:wyse_management_suite:1.0
-
cpe:2.3:a:dell:wyse_management_suite:1.1
-
cpe:2.3:a:dell:wyse_management_suite:1.2
-
cpe:2.3:a:dell:wyse_management_suite:1.3
-
cpe:2.3:a:dell:wyse_management_suite:1.4
-
cpe:2.3:a:dell:wyse_management_suite:1.4.1
-
cpe:2.3:a:dell:wyse_management_suite:2.0
-
cpe:2.3:a:dell:wyse_management_suite:3.0
-
cpe:2.3:a:dell:wyse_management_suite:3.1
-
cpe:2.3:a:dell:wyse_management_suite:3.2
-
cpe:2.3:a:dell:wyse_management_suite:3.3.1
-
cpe:2.3:a:dell:wyse_management_suite:3.5.1
-
cpe:2.3:a:dell:wyse_management_suite:3.5.2
-
cpe:2.3:a:dell:wyse_management_suite:3.6.0
-
cpe:2.3:a:dell:wyse_management_suite:3.6.1
-
cpe:2.3:a:dell:wyse_management_suite:3.7.0