Vulnerability Description
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Wyse Management Suite | < 3.8.0 |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-manageVendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000201383/dsa-2022-134-dell-wyse-manageVendor Advisory
FAQ
What is CVE-2022-33929?
CVE-2022-33929 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leadi...
How severe is CVE-2022-33929?
CVE-2022-33929 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-33929?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Wyse Management Suite.