Medium
| Third-Party Component |
CVEs |
More information |
|---|---|---|
| JQuery UI Library |
CVE-2021-41184 |
See NVD |
| Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|---|---|---|---|
| CVE-2022-29096 |
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. |
6.1 |
|
| CVE-2022-29097 |
Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. |
4.9 |
| Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|---|---|---|---|
| CVE-2022-29096 |
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. |
6.1 |
|
| CVE-2022-29097 |
Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. |
4.9 |
| Product |
Affected Versions |
Updated Versions |
Link to Update |
| Dell Wyse Management Suite |
3.6.1 and earlier |
3.7 |
|
| Product |
Affected Versions |
Updated Versions |
Link to Update |
| Dell Wyse Management Suite |
3.6.1 and earlier |
3.7 |
|
|
Revision |
Date |
Description |
|
1.0 |
2022-05-31 |
Initial Release |
CVE-2022-29097: Dell Technologies would like to thank bugbounty2k20 for reporting this issue.