CVE-2022-33929

Name of the Vulnerable Software and Affected Versions Dell Wyse Management Suite versions 3.6.1 and below

Description The issue is a Reflected Cross-Site Scripting vulnerability located in the EndUserSummary page. An authenticated attacker could exploit this, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser. This may result in information disclosure, session theft, or client-side request forgery.

Recommendations For versions 3.6.1 and below, update to a version above 3.6.1 to resolve the issue. As a temporary workaround, consider restricting access to the EndUserSummary page until a patch is available.