CVE-2025-22402

Published Feb 7, 2025

Last updated 16 days ago

CVSS low 2.6

Overview

Description
Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Source
security_alert@emc.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
2.6
Impact score
1.4
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
Severity
LOW

Weaknesses

security_alert@emc.com
CWE-80

Social media

Hype score
Not currently trending

  1. 🚨 Security Alert: A critical vulnerability (CVE-2025-22402) has been discovered in the Dell Update Manager Plugin. Versions 1.5.0 to 1.6.0 are affected, exposing sensitive data to potential attacks. https://t.co/vzmsixfW87 #CyberSecurity #Dell #SecurityUpdate #Vulnerability ht

    @Hosainfosec

    10 Feb 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Dell Technologies emitió una alerta de ciberseguridad (CVE-2025-22402) sobre una vulnerabilidad en su complemento Update Manager (UMP) que podría permitir explotar datos confidenciales a través de la neutralización incorrecta de etiquetas HTML en páginas web. 🧉 https://t.co/eIW

    @MarquisioX

    8 Feb 2025

    40 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. برای Dell Update Manager Plugin (UMP) آسیب پذیری با کد شناسایی CVE-2025-22402 منتشر شده که باعث افشای اطلاعات مهم می شود. این آسیب پذیری که نوعی xss می باشد در نسخه 1.5.0 تا 1.6.0 این محصول وجود دارد.برای پیشگیری به روز رسانی نمایید. https://t.co/Poz3aKY03t https://t.co/YSVw7aq31

    @AmirHossein_sec

    7 Feb 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-22402 - Dell Update Manager Plugin Basic Cross-Site Scripting Vulnerability https://t.co/1I3DLhe421

    @WhalersLtd

    7 Feb 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-22402 Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability.… https://t.co/DEMLL36nk8

    @CVEnew

    7 Feb 2025

    380 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References