CVE-2022-35416
The CVE-2022-35416 entry concerns H3C SSL VPN prior to or through 2022-07-10. The connected nuclei template confirms a cookie-based cross-site scripting vulnerability in the wnm/login/login.json svpnlang parameter, exploitable via the svpnlang cookie to inject scripts in the victim’s browser. Aff...