2 matches found
CVE-2026-34822
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the newcertname parameter to /manage/ca/certificate/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
Endian Firewall 跨站脚本漏洞
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall newcertname parameter, which stems from improper handling of the newcertname parameter in /manage/ca/certificate/, and can be exploited by an attacker to inject...