VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability.
5.9CVSS
5.5AI Score
0.001EPSS
VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window.
5.4CVSS
5.3AI Score
0.001EPSS