CVE-2026-3468

MEDIUM NVD

CVSS Score 4.8

Severity MEDIUM

Published Mar 31, 2026

Vendor unknown

Description

A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002