{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T07:43:32.596","vulnerabilities":[{"cve":{"id":"CVE-2026-23861","sourceIdentifier":"security_alert@emc.com","published":"2026-02-17T14:16:01.773","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery."},{"lang":"es","value":"Dell Unisphere for PowerMax vApp, versión(es) 9.2.4.x, contiene una vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('cross-site scripting'). Un atacante con pocos privilegios y acceso remoto podría potencialmente explotar esta vulnerabilidad, lo que llevaría a la ejecución de código HTML o JavaScript malicioso en el navegador web de un usuario víctima en el contexto de la aplicación web vulnerable. La explotación puede llevar a revelación de información, robo de sesión o falsificación de solicitudes del lado del cliente."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000402262/dsa-2025-425-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilities","source":"security_alert@emc.com"}]}}]}