Vulnerabilities > Dell > EMC Data Protection Advisor > 18.2

DATE CVE VULNERABILITY TITLE RISK
2022-08-30 CVE-2022-33935 Cross-site Scripting vulnerability in Dell EMC Data Protection Advisor
Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store.
network
low complexity
dell CWE-79
5.4
2020-03-18 CVE-2019-18582 Code Injection vulnerability in Dell products
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API.
network
low complexity
dell CWE-94
7.2
2020-03-18 CVE-2019-18581 Missing Authorization vulnerability in Dell products
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API.
network
low complexity
dell CWE-862
7.2