CVE-2022-33935

CVSS 5.4 - MEDIUM
Description

Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

Affected Products
1
Vendor Product Version
dell emc_data_protection_advisor All versions
References
https://www.dell.com/support/kbdoc/en-us/000201824...
https://www.dell.com/support/kbdoc/en-us/000201824...
Weakness Types
CWE-79 CWE-79
CVE Information
CVE ID:
CVE-2022-33935
Published:
2022-08-30
Modified:
2024-11-21
CVSS Score:
5.4
Severity:
MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected Vendors
dell
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL