exploitDog

CVE-2025-27693

Опубликовано: 02 апр. 2025

Источник: nvd

CVSS3: 4.9

CVSS3: 4.8

EPSS Низкий

Описание

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

Ссылки

https://www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:*

Версия до 5.1 (исключая)

EPSS

Процентиль: 41%

0.00188

Низкий

4.9 Medium

CVSS3

4.8 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-87c6-wxwq-rjm3

CVSS3: 4.9

github

10 месяцев назад

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

EPSS

Процентиль: 41%

0.00188

Низкий

4.9 Medium

CVSS3

4.8 Medium

CVSS3

Дефекты

CWE-79