CVE-2025-23377 – Dell PowerProtect Data Manager Cross-Site Scripting (XSS)

April 28, 2025

CVE ID : CVE-2025-23377

Published : April 28, 2025, 3:15 p.m. | 3 hours, 50 minutes ago

Description : Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 contain(s) an Improper Encoding or Escaping of Output vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to inject arbitrary web script or html in reporting outputs.

Severity: 4.2 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-25776 – Codeastro Bus Ticket Booking System XSS

Next Article CVE-2025-23376 – Dell PowerProtect Data Manager Template Engine Template Injection Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

“Bing was not as bad as I thought it was” — search engine gets backhanded compliment as experts explore why people use Google

EA cancels Titanfall incubation project, lays off staff at Apex Legends and Star Wars Jedi developer Respawn Entertainment

“Fear not—we are cooking!” Helldivers 2 devs say there’s “exciting news to come” and a new Warbond in May as we defeat the Illuminate, which surely means it’s about to invade for real and kill us all

The Game Pass hit STALKER 2 just got a huge Xbox award, and I can’t think of a game more deserving

Solution Highlight – Oracle Revenue Management / SSP – Part 1

Solution Highlight – Oracle Revenue Management / SSP – Part 1

Community News: Latest PECL Releases (04.29.2025)

Using Sitecore Connect and OpenAI: A Practical Example for Page Metadata Enhancement

“Bing was not as bad as I thought it was” — search engine gets backhanded compliment as experts explore why people use Google

“Bing was not as bad as I thought it was” — search engine gets backhanded compliment as experts explore why people use Google

EA cancels Titanfall incubation project, lays off staff at Apex Legends and Star Wars Jedi developer Respawn Entertainment

“Fear not—we are cooking!” Helldivers 2 devs say there’s “exciting news to come” and a new Warbond in May as we defeat the Illuminate, which surely means it’s about to invade for real and kill us all

CVE-2025-23377 – Dell PowerProtect Data Manager Cross-Site Scripting (XSS)

Rancher Releases Patch for CVE-2024-22031 Privilege Escalation Vulnerability

High-Severity DoS Vulnerability Found in PowerDNS DNSdist (CVE-2025-30194)

Interpreting and Improving Optimal Control Problems With Directional Corrections

After Microsoft Edge, Chrome tests a Split Tabs feature

Understanding prompt engineering: Unlock the creative potential of Stability AI models on AWS

Vstdlib.dll is Missing or Not Found: 5 Ways to Download it

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

Search4LLM and LLM4Search: Improving Language Models and Search Engines

Llama-3-Nanda-10B-Chat: A 10B-Parameter Open Generative Large Language Model for Hindi with Cutting-Edge NLP Capabilities and Optimized Tokenization

Bento Laravel SDK

CVE-2025-23377 – Dell PowerProtect Data Manager Cross-Site Scripting (XSS)

Related Posts