Stanislav Kravchenko

**Name of the Vulnerable Software and Affected Versions** Dell OpenManage Enterprise versions prior to 4.1.0 **Description** The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), which could allow a high privileged attacker with remote access to inject scripts. This could potentially lead to script injection. A high privileged local attacker could also exploit this vulnerability, leading to JavaScript injections in the UI. **Recommendations** For versions prior to 4.1.0, update to version 4.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the UI to minimize the risk of exploitation. Avoid using the vulnerable UI until the issue is resolved.