Dell Unisphere for PowerMax
Moderate fix1 remedy
cpe:2.3:a:dell:unisphere_for_powermax:*:*:*:*:*:*:*
Moderate fix1 remedy
- >= 9.2.4.0, < 9.2.4.19
Dell Unisphere for PowerMax vApp Cross-Site Scripting Vulnerability
Vulnerability
Patched
A cross-site scripting vulnerability has been identified in Dell Unisphere for PowerMax vApp, version 9.2.4.x. This vulnerability arises from improper input neutralization during web page generation, allowing a low-privileged attacker with remote access to execute malicious HTML or JavaScript in the context of the affected web application. Exploitation could lead to information disclosure, session theft, or client-side request forgery.
Impact
Exploitation of this vulnerability could result in the execution of malicious scripts in the context of the victim user's browser, potentially leading to session theft, information disclosure, or client-side request forgery.
Remediation
Users can upgrade to Dell Unisphere for PowerMax version 9.2.4.19 or later. Instructions for downloading the update are available on the Dell Unisphere for PowerMax Drivers page.
Added: Feb 17, 2026, 2:18 PM
Updated: Feb 17, 2026, 2:18 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
3.5exploitability
4.6remediation
7.7relevance
3.1threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.