VDB
CVE-2026-28263
CVE-2026-28263
PUBLISHED
CVSS 5.900000095367432 MEDIUM
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a cross-site Scripting vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.
EPSS 0.01% · 1.3th percentile
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
EPSS Score
0.01%
1.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | PowerProtect Data Domain | 0, 0, 0 |
Timeline
- Apr 17, 2026 CVE Published
- Apr 17, 2026 PoC Published
- Apr 18, 2026 Security Advisory
- Apr 18, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score