Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.
Metrics
Affected Vendors & Products
References
History
Tue, 20 Aug 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-20 |
Tue, 20 Aug 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Dell OpenManage Enterprise, versions prior to 4.1.0, contains an XSS injection vulnerability in UI. A high privileged local attacker could potentially exploit this vulnerability, leading to JavaScript injection. | Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. |
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2024-05-01T04:03:39.729Z
Updated: 2024-08-20T16:33:25.303Z
Reserved: 2024-03-13T15:44:22.628Z
Link: CVE-2024-28979
Vulnrichment
Updated: 2024-08-02T01:03:51.273Z
NVD
Status : Modified
Published: 2024-05-01T04:15:10.387
Modified: 2024-11-21T09:07:18.823
Link: CVE-2024-28979
Redhat
No data.