CVE-2019-3769
Dell Wyse Management Suite (WMS) prior to 1.4.1 contains a stored cross-site scripting (XSS) vulnerability. A remote authenticated attacker with low privileges can store a malicious payload in the device heartbeat request, which is then executed by victims’ browsers in the vulnerable web applicat...