Lucene search
+L

8 matches found

cnvd
cnvd
added 2026/04/07 12:0 a.m.7 views

Endian Firewall dscp Parameter Cross-Site Scripting Vulnerability

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall dscp parameter, which stems from improper handling of the dscp parameter in /manage/qos/rules/, and can be exploited by an attacker to inject malicious JavaScript...

6.4CVSS5AI score0.00168EPSS
Exploits0
nvd
nvd
added 2026/04/02 3:16 p.m.4 views

CVE-2026-34804

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00168EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/04/02 2:45 p.m.2 views

CVE-2026-34804 Endian Firewall /manage/qos/rules/ dscp Stored Cross-Site Scripting

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/04/02 2:45 p.m.2 views

CVE-2026-34804

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/04/02 2:45 p.m.22 views

CVE-2026-34804 Endian Firewall /manage/qos/rules/ dscp Stored Cross-Site Scripting

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00168EPSS
Exploits0References2
cve
cve
added 2026/04/02 2:45 p.m.12 views

CVE-2026-34804

Endian Firewall

6.4CVSS5.9AI score0.00168EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.9 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall dscp parameter, which stems from improper handling of the dscp parameter in /manage/qos/rules/, and can be exploited by an attacker to inject malicious JavaScript...

6.4CVSS5.7AI score0.00168EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/02 12:0 a.m.6 views

PT-2026-29764

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References3
Rows per page
Query Builder