CVE-2026-23861

Name of the Vulnerable Software and Affected Versions Dell Unisphere for PowerMax vApp versions 9.2.4.x

Description The software contains an Improper Neutralization of Input During Web Page Generation issue, also known as Cross-site Scripting. A low privileged attacker with remote access could potentially execute malicious HTML or JavaScript code in a victim user's web browser within the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.