2 matches found
CVE-2026-34818
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dnsmasq/localdomains/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
CVE-2026-34818
Vulnerability summary (CVE-2026-34818): Endian Firewall versions up to 3.3.25 are affected by a stored XSS in the remark parameter of /manage/dnsmasq/localdomains/. An authenticated user can inject JavaScript that is stored and executed when other users view the page. The provided documents speci...