CVE-2026-34813 in Firewallinformación

Resumen (Inglés)

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the user parameter to /cgi-bin/proxyuser.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsable

VulnCheck

Reservar

2026-03-30

Divulgación

2026-04-02

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
354919	Endian Firewall Parameter proxyuser.cgi secuencias de comandos en sitios cruzados	79	No está definido	No está definido	CVE-2026-34813

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Want to know what is going to be exploited?

We predict KEV entries!