Medium severity4.8NVD Advisory· Published Mar 31, 2026· Updated Apr 13, 2026
CVE-2026-3468
CVE-2026-3468
Description
A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.
Affected products
2cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*range: <10.0.35.8405
- (no CPE)
Patches
Vulnerability mechanics
References
1- psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002nvdVendor Advisory
News mentions
0No linked articles in our index yet.