VYPR
Medium severity4.8NVD Advisory· Published Mar 31, 2026· Updated Apr 13, 2026

CVE-2026-3468

CVE-2026-3468

Description

A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.

Affected products

2
  • cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*range: <10.0.35.8405
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.