Medium4.8SonicWall
Email Security: stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper…
SNWLID-2026-0002 Published Mar 31, 2026Updated by vendor Jun 17, 2026
CVE-2026-3468CVE-2026-3469CVE-2026-3470
Affected products & platforms
SonicWallUnclassified
Summary
A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.
Mitigation
Mitigation steps weren't captured by the parser for this advisory — this is a parsing gap, not a statement that no fix exists. Read the vendor advisory below for the authoritative guidance.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.