Check CVE Id
Check CWE Id
Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter.
See advisories in our WLB2 database:
SonicWALL GMS 7.2 Build 7221.1701 Cross Site Scripting
(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
Global management system
Sonicwall global management system
CVSS Base Score
Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist for Home PCs version 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, and 3.2.1 contain an Improper Privilege Management Vulnerability. A malicious local user can exploit th...
Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application.
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 184.108.40.206 and prior to 220.127.116.11 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to creat...
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 18.104.22.168 and prior to 22.214.171.124 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitr...
Dell EMC iDRAC9 versions prior to 126.96.36.199, 188.8.131.52, 184.108.40.206 and 220.127.116.11 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by...
Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 18.104.22.168, and iDRAC9 versions prior to 22.214.171.124, 126.96.36.199, 188.8.131.52 and 184.108.40.206 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker...
Dell SupportAssist Client versions prior to 220.127.116.11 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim us...
Dell SupportAssist Client versions prior to 18.104.22.168 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.
Back to Top