{"id":"CVE-2025-36592","details":"Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Script injection.","modified":"2026-04-10T05:25:46.348817Z","published":"2025-10-30T16:15:35.430Z","references":[{"type":"ADVISORY","url":"https://www.dell.com/support/kbdoc/en-us/000385220/dsa-2025-391-security-update-for-dell-secure-connect-gateway-policy-manager-for-multiple-vulnerabilities"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.32.00.18"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-36592.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}]}