Nightwolf Penetration Testing Platform

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-6179 MEDIUM This Month

Stored cross-site scripting (XSS) in NightWolf Penetration Testing Platform 2.1.5 allows authenticated users to inject malicious scripts that execute in other users' browsers, potentially leading to session hijacking, credential theft, or unauthorized actions performed on behalf of victims. The vulnerability requires user interaction is absent from the CVSS vector (UI:N), meaning the injected payload executes automatically when a victim views affected content. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Nightwolf Penetration Testing Platform
NVD
CVSS 4.0
6.3
CVE-2026-6179
CVSS 6.3
MEDIUM This Month

Stored cross-site scripting (XSS) in NightWolf Penetration Testing Platform 2.1.5 allows authenticated users to inject malicious scripts that execute in other users' browsers, potentially leading to session hijacking, credential theft, or unauthorized actions performed on behalf of victims. The vulnerability requires user interaction is absent from the CVSS vector (UI:N), meaning the injected payload executes automatically when a victim views affected content. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Nightwolf Penetration Testing Platform
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy