CVE-2026-26357

Name of the Vulnerable Software and Affected Versions Dell Unisphere for PowerMax versions 9.2.4.x

Description Dell Unisphere for PowerMax versions 9.2.4.x contain an Improper Neutralization of Input During Web Page Generation issue, also known as Cross-site Scripting. A low privileged attacker with remote access could potentially execute malicious HTML or JavaScript code in a victim user's web browser within the context of the vulnerable web application. This exploitation may lead to information disclosure, session theft, or client-side request forgery.

Recommendations Update Dell Unisphere for PowerMax to a newer version that addresses this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.