Dell Update Manager Plugin Basic Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability has been identified in the Dell Update Manager Plugin, affecting versions 1.5.0 through 1.6.0. This vulnerability arises from improper sanitization of script-related HTML tags, allowing low-privileged attackers with remote access to potentially exploit the issue, leading to information exposure.

Impact

Exploitation of this vulnerability could result in cross-site scripting, allowing for the injection of malicious scripts that could be executed in the context of the user's session.

Remediation

Users can update to Dell Update Manager Plugin version 1.7.0 to address this vulnerability. For those already using version 1.7.0, no further action is required.