CVE-2026-34814 in Firewallinformación

Resumen (Inglés)

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the group parameter to /cgi-bin/proxygroup.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsable

VulnCheck

Reservar

2026-03-30

Divulgación

2026-04-02

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
354915	Endian Firewall Parameter proxygroup.cgi secuencias de comandos en sitios cruzados	79	No está definido	No está definido	CVE-2026-34814

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!