6 matches found
EUVD-2026-18312
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the DOMAIN parameter to /cgi-bin/smtpdomains.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
CVE-2026-34815
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the DOMAIN parameter to /cgi-bin/smtpdomains.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
CVE-2026-34815
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the DOMAIN parameter to /cgi-bin/smtpdomains.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
CVE-2026-34815 Endian Firewall /cgi-bin/smtpdomains.cgi DOMAIN Stored Cross-Site Scripting
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the DOMAIN parameter to /cgi-bin/smtpdomains.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
Endian Firewall 跨站脚本漏洞
Endian Firewall is a network security firewall system from Endian. Endian Firewall DOMAIN Parameter Cross-Site Scripting VulnerabilityThe vulnerability stems from improper handling of the DOMAIN parameter in /cgi-bin/smtpdomains.cgi, which can be exploited by an attacker to inject malicious...
PT-2026-29775
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the DOMAIN parameter to /cgi-bin/smtpdomains.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...