# CVE-2026-28263

> Vulnerability · severity: **MEDIUM** (CVSS 5.9).

## Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a cross-site Scripting vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

## Key facts

- **CVE ID:** CVE-2026-28263
- **Published:** 2026-04-17
- **CVSS severity:** MEDIUM
- **CVSS base score:** 5.9
- **CWE codes:** CWE-79

## Affected products

- `dell:powerprotect_data_domain`
- `dell:data_domain_operating_system`

## Primary sources

- NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-28263

## Citation

> AI Analytics. CVE-2026-28263. Retrieved 2026-07-08 from https://api.ai-analytics.org/cve/CVE-2026-28263. Derived from NIST NVD. Licensed CC0.

---

*[Dataset catalog](https://api.ai-analytics.org/datasets/) · [AI Analytics](https://api.ai-analytics.org/) · CC0 1.0*