CVE-2025-22402

Name of the Vulnerable Software and Affected Versions Dell Update Manager Plugin versions 1.5.0 through 1.6.0

Description The issue is related to an Improper Neutralization of Script-Related HTML Tags in a Web Page, also known as Basic Cross-Site Scripting (XSS). This could allow a low-privileged attacker with remote access to potentially exploit the vulnerability, leading to information exposure.

Recommendations For versions 1.5.0 through 1.6.0, update to a version that contains the fix for this issue to prevent potential attacks. As a temporary workaround, consider restricting access to sensitive data until a patch is available. Avoid using the plugin until the issue is resolved to minimize the risk of exploitation.