2 matches found
CVE-2026-34801 Endian Firewall /manage/dhcp/fixed_leases/ remark Stored Cross-Site Scripting
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dhcp/fixedleases/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
PT-2026-29761
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dhcp/fixed leases/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...