Lucene search
+L

4 matches found

CNVD
CNVD
added 2026/04/07 12:0 a.m.5 views

Endian Firewall new_cert_name Parameter Cross-Site Scripting Vulnerability

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall newcertname parameter, which stems from improper handling of the newcertname parameter in /manage/ca/certificate/, and can be exploited by an attacker to inject...

6.4CVSS5AI score0.00092EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/02 2:46 p.m.2 views

CVE-2026-34822 Endian Firewall /manage/ca/certificate/ new_cert_name Stored Cross-Site Scripting

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the newcertname parameter to /manage/ca/certificate/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00092EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/02 2:46 p.m.2 views

CVE-2026-34822

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the newcertname parameter to /manage/ca/certificate/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00092EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/02 2:46 p.m.14 views

CVE-2026-34822

Endian Firewall prior to 3.3.25 is affected by a stored XSS in the new_cert_name parameter of /manage/ca/certificate/. An authenticated attacker can inject JavaScript that is stored and executed when other users view the page. CVE-2026-34822; exploitation details, affected versions, and remediati...

6.4CVSS5.9AI score0.00092EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder