Vulnerability Details CVE-2026-23858
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script Injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.8%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2026-23858
-
cpe:2.3:a:dell:wyse_management_suite:-
-
cpe:2.3:a:dell:wyse_management_suite:1.0
-
cpe:2.3:a:dell:wyse_management_suite:1.1
-
cpe:2.3:a:dell:wyse_management_suite:1.2
-
cpe:2.3:a:dell:wyse_management_suite:1.3
-
cpe:2.3:a:dell:wyse_management_suite:1.4
-
cpe:2.3:a:dell:wyse_management_suite:1.4.1
-
cpe:2.3:a:dell:wyse_management_suite:2.0
-
cpe:2.3:a:dell:wyse_management_suite:3.0
-
cpe:2.3:a:dell:wyse_management_suite:3.1
-
cpe:2.3:a:dell:wyse_management_suite:3.2
-
cpe:2.3:a:dell:wyse_management_suite:3.3.1
-
cpe:2.3:a:dell:wyse_management_suite:3.5.1
-
cpe:2.3:a:dell:wyse_management_suite:3.5.2
-
cpe:2.3:a:dell:wyse_management_suite:3.6.0
-
cpe:2.3:a:dell:wyse_management_suite:3.6.1
-
cpe:2.3:a:dell:wyse_management_suite:3.7.0
-
cpe:2.3:a:dell:wyse_management_suite:3.8.0
-
cpe:2.3:a:dell:wyse_management_suite:4.0
-
cpe:2.3:a:dell:wyse_management_suite:4.1
-
cpe:2.3:a:dell:wyse_management_suite:4.4
-
cpe:2.3:a:dell:wyse_management_suite:5.1
-
cpe:2.3:a:dell:wyse_management_suite:5.2
-
cpe:2.3:a:dell:wyse_management_suite:5.3
-
cpe:2.3:a:dell:wyse_management_suite:5.4