216.73.217.86

CVE-2025-22402

· Published 07/02/2025 03:15 · Modified 04/03/2025 14:53

Labels: CVE-2025-22402 2025-02-07CVE-2025-22402CWE-79CWE-80[email protected]

Essential information

Published
07/02/2025 03:15
Modified
04/03/2025 14:53
Author
Creator
CVSS
2.6 LOW (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N

CVSS metrics

Description

Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
dell / update manager plugin cpe:2.3:a:dell:update_manager_plugin:*:*:*:*:*:*:*:*

References