CVE-2022-22944

Name of the Vulnerable Software and Affected Versions VMware Workspace ONE Boxer (affected versions not specified)

Description The issue is related to a stored cross-site scripting (XSS) vulnerability due to insufficient sanitization and validation in calendar event descriptions. This allows a malicious actor to inject script tags and execute arbitrary scripts within a user's window. The vulnerability can be exploited by a remote attacker to conduct cross-site scripting attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.