Vmware: >> Workspace One Boxer Security Vulnerabilities
VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window.
CVSS Score
5.4
EPSS Score
0.005
Published
2022-03-02
VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability.
CVSS Score
5.9
EPSS Score
0.002
Published
2020-01-17