Skip to main content

Cyber Controller

1 CVEs product

Monthly

CVE-2026-12812 LOW Monitor

HTML injection in Radware Cyber Controller's HTML Report Generation component allows authenticated remote attackers to embed arbitrary HTML tags - including script-related content - into generated reports, enabling potential cross-site scripting scenarios targeting users who view those reports. All 10.x releases through 10.11.0 are confirmed affected per ENISA EUVD-2026-38198. A public proof-of-concept exploit has been disclosed (CVSS 4.0 E:P); the vendor was notified but did not respond, leaving no vendor-released patch available at time of analysis.

XSS Cyber Controller
NVD VulDB
CVSS 4.0
2.0
EPSS
0.2%
EPSS 0% CVSS 2.0
LOW Monitor

HTML injection in Radware Cyber Controller's HTML Report Generation component allows authenticated remote attackers to embed arbitrary HTML tags - including script-related content - into generated reports, enabling potential cross-site scripting scenarios targeting users who view those reports. All 10.x releases through 10.11.0 are confirmed affected per ENISA EUVD-2026-38198. A public proof-of-concept exploit has been disclosed (CVSS 4.0 E:P); the vendor was notified but did not respond, leaving no vendor-released patch available at time of analysis.

XSS Cyber Controller
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy