CVE-2026-8474 (GCVE-0-2026-8474)
Vulnerability from cvelistv5
Published
2026-06-01 07:47
Modified
2026-06-01 13:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper neutralization of input during web page generation ('cross-site scripting')
Summary
A vulnerability was discovered on Stormshield Network Security
* 4.3.0 to 4.3.41,
* 4.8.0 to 4.8.15,
* 5.0.0 to 5.0.5
It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of cookies or other sensitive data, as well as the modification of page behavior, for example, by redirecting the victim to malicious websites.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StormShield | StormShield Network Security |
Version: 4.3.0 ≤ 4.3.41 Version: 4.8.0 ≤ 4.8.15 Version: 5.0.0 ≤ 5.0.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8474",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:05:31.957702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:05:45.399Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "StormShield Network Security",
"vendor": "StormShield",
"versions": [
{
"lessThanOrEqual": "4.3.41",
"status": "affected",
"version": "4.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.8.15",
"status": "affected",
"version": "4.8.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability was discovered on Stormshield Network Security\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e4.3.0 to 4.3.41,\u0026nbsp;\u003c/li\u003e\u003cli\u003e4.8.0 to 4.8.15,\u0026nbsp;\u003c/li\u003e\u003cli\u003e5.0.0 to 5.0.5\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eIt is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim\u0027s machine. The risks include the theft of cookies or other sensitive data, as well as the modification of page behavior, for example, by redirecting the victim to malicious websites.\u003c/p\u003e"
}
],
"value": "A vulnerability was discovered on Stormshield Network Security\u00a0\n\n\n\n\n\n * 4.3.0 to 4.3.41,\u00a0\n * 4.8.0 to 4.8.15,\u00a0\n * 5.0.0 to 5.0.5\n\n\n\n\n\n\n\n\nIt is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim\u0027s machine. The risks include the theft of cookies or other sensitive data, as well as the modification of page behavior, for example, by redirecting the victim to malicious websites."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T07:50:04.199Z",
"orgId": "24a3c815-5f22-4d74-967a-30958d6466f4",
"shortName": "airbus"
},
"references": [
{
"url": "https://advisories.stormshield.eu/2026-003/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following updates fix this vulnerability:\u003c/p\u003e\u003cul\u003e\u003cli\u003eSNS 5.0.6\u003c/li\u003e\u003cli\u003eSNS 4.8.16\u003c/li\u003e\u003cli\u003eSNS 4.3.42\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The following updates fix this vulnerability:\n\n * SNS 5.0.6\n * SNS 4.8.16\n * SNS 4.3.42"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Possible to run a Cross Site Scripting request on the login API available on Stormshield SNS appliances.",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "24a3c815-5f22-4d74-967a-30958d6466f4",
"assignerShortName": "airbus",
"cveId": "CVE-2026-8474",
"datePublished": "2026-06-01T07:47:54.875Z",
"dateReserved": "2026-05-13T13:10:26.492Z",
"dateUpdated": "2026-06-01T13:05:45.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…