CVE-2022-32225

Name of the Vulnerable Software and Affected Versions Veeam Management Pack for Microsoft System Center version 8.0

Description A reflected DOM-Based XSS issue exists due to inadequate protection of the web page structure. This could allow a remote attacker to conduct cross-site scripting attacks by convincing a legitimate user to visit a crafted URL on a Veeam Management Pack for Microsoft System Center server, enabling the execution of arbitrary scripts.

Recommendations For Veeam Management Pack for Microsoft System Center version 8.0, consider restricting access to the Help directory until a patch is available. As a temporary workaround, avoid using crafted URLs that could exploit the reflected DOM-Based XSS vulnerability in the Help directory. At the moment, there is no information about a newer version that contains a fix for this vulnerability.