Security Advisory

CVE-2025-36605

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-04 14:04:49

Last updated 2025-08-04 19:41:46

Assigner dell

State PUBLISHED

Description

Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability in the CWE-79: Improper Neutralization of Input During Web Page Generation (Cross-site Scripting). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim users web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

← Browse all CVEs View on cve.org ↗