{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T00:21:52.660","vulnerabilities":[{"cve":{"id":"CVE-2026-26357","sourceIdentifier":"security_alert@emc.com","published":"2026-02-17T20:22:10.437","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery."},{"lang":"es","value":"Dell Unisphere para PowerMax, versión(es) 9.2.4.x, tiene una vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting'). Un atacante con pocos privilegios con acceso remoto podría, potencialmente, explotar esta vulnerabilidad, lo que llevaría a la ejecución de código HTML o JavaScript malicioso en el navegador web de un usuario víctima en el contexto de la aplicación web vulnerable. La explotación puede llevar a revelación de información, robo de sesión, o falsificación de solicitudes del lado del cliente."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000402262/dsa-2025-425-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilities","source":"security_alert@emc.com"}]}}]}