Lucene search
+L

4 matches found

cnvd
cnvd
added 2026/04/07 12:0 a.m.4 views

Endian Firewall NAME Parameter Cross-Site Scripting Vulnerability

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall NAME parameter, which originates from improperly cleaning up the input of the NAME parameter in /cgi-bin/uplinkeditor.cgi, and can be exploited by an attacker to...

6.4CVSS4.9AI score0.00168EPSS
Exploits0
euvd
euvd
added 2026/04/02 3:31 p.m.3 views

EUVD-2026-18282

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the NAME parameter to /cgi-bin/uplinkeditor.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References3
nvd
nvd
added 2026/04/02 3:16 p.m.4 views

CVE-2026-34800

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the NAME parameter to /cgi-bin/uplinkeditor.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00168EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.8 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall NAME parameter, which originates from improperly cleaning up the input of the NAME parameter in /cgi-bin/uplinkeditor.cgi, and can be exploited by an attacker to...

6.4CVSS5.6AI score0.00168EPSS
Exploits0References2
Rows per page
Query Builder