2 matches found
CVE-2020-3940
CVE-2020-3940 affects VMware Workspace ONE SDK and dependent mobile applications. The root cause is improper handling of certificate verification failures when SSL Pinning is enabled, leading to a potential information disclosure. The CVSSv3.1 base score is 5.9 (confidentiality impact HIGH, no in...
CVE-2022-22944
CVE-2022-22944 affects VMware Workspace ONE Boxer. The issue is a stored XSS in calendar event descriptions caused by insufficient sanitization/validation, enabling injection of script tags. Several sources corroborate a stored XSS vulnerability in Boxer, with VMware’s advisory VMSA-2022-0006 sta...