CVE-2026-3468 Sonicwall — Exploit & Vulnerability Details MEDIUM

CVE-2026-3468

MEDIUM CVSS 3.1: 4.8 EPSS 0.05%

Parameter	Value
CVSS	4.8 (MEDIUM)
Type	CWE-79 (Cross-Site Scripting (XSS))
Vendor	Sonicwall
Public PoC	No

A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

Required

User action required

Impact Assessment

Confidentiality

Low

Partial data leak

Integrity

Low

Partial data modification

Availability

None

No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-79 Cross-Site Scripting (XSS)

References 1

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002

PSIRT@sonicwall.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-4116

Sonicwall

None

CVE-2026-4114

Sonicwall

None

CVE-2026-4113

Sonicwall

None

CVE-2026-4112

Sonicwall

None

CVE-2026-3470

Sonicwall

3.8

Menu

CVE-2026-3468

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-4116

CVE-2026-4114

CVE-2026-4113

CVE-2026-4112

CVE-2026-3470

CVE Details

Editor's Choice

Menu

CVE-2026-3468

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-4116

CVE-2026-4114

CVE-2026-4113

CVE-2026-4112

CVE-2026-3470

CVE Details

Editor's Choice

Stay informed on cybersecurity