Description
An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing an Angular template payload, or a victim can be socially engineered to import a malicious report template. When the victim views or imports the report, the Angular template executes in their browser context, allowing the attacker to modify application data or disrupt application availability. Full XSS exploitation and direct information disclosure are prevented by the existing input validation and Content Security Policy configuration.
Published: 2026-05-19
Score: 5.1 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An Angular template injection flaw exists in the Reports feature of Nozomi Networks CMC and Guardian. An authenticated user with report privileges can embed a malicious Angular template, or a victim may be tricked into importing a compromised template. When the report is viewed or imported, the payload runs in the victim’s browser, potentially allowing the attacker to alter application data or impair application availability. Existing input validation and CSP measures block full XSS exploitation and direct data leakage, but the flaw still permits dangerous client‑side code execution.

Affected Systems

The vulnerability affects Nozomi Networks CMC and Guardian software. Versions prior to 26.1.0 are affected; the precise version range is not explicitly listed, but the recommendation is to upgrade to v26.1.0 or later to address the issue.

Risk and Exploitability

The CVSS score of 5.1 indicates moderate severity, and no EPSS data is available, leaving the precise exploitation likelihood uncertain. The vulnerability is not included in the CISA KEV catalog. The attack requires an authenticated user with report privileges, meaning the threat is restricted to internal users or attackers who have compromised such accounts. However, social engineering could expand exposure. Once exploited, the risk is client‑side code execution with potential data modification or service disruption. Mitigation relies on upgrading the affected software.

Generated by OpenCVE AI on May 19, 2026 at 14:36 UTC.

Remediation

Vendor Solution

Upgrade to v26.1.0 or later.


Vendor Workaround

Use internal firewall features to limit access to the web management interface.


OpenCVE Recommended Actions

  • Upgrade Nozomi Networks CMC and Guardian to version 26.1.0 or later.
  • Use internal firewall features to restrict access to the web management interface.
  • Review all accounts with report privileges and delete accounts that are unnecessary.


Advisories

No advisories yet.

History

Tue, 19 May 2026 14:15:00 +0000

Type: Metrics
Values Added: ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 19 May 2026 13:45:00 +0000

Type: Description
Values Added: An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing an Angular template payload, or a victim can be socially engineered to import a malicious report template. When the victim views or imports the report, the Angular template executes in their browser context, allowing the attacker to modify application data, or disrupt application availability. Full XSS exploitation and direct information disclosure are prevented by the existing input validation and Content Security Policy configuration.

Type: Title
Values Added: Angular template injection in Reports in Guardian/CMC before 26.1.0

Type: First Time appeared
Values Added: Nozomi Networks; Nozomi Networks cmc; Nozomi Networks guardian

Type: Weaknesses
Values Added: CWE-1336

Type: CPEs
Values Added: cpe:2.3:a:nozomi_networks:cmc:*:*:*:*:*:*:*:*; cpe:2.3:a:nozomi_networks:guardian:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added: Nozomi Networks; Nozomi Networks cmc; Nozomi Networks guardian

Type: References
Values Added: (empty)

Type: Metrics
Values Added: cvssV3_1
{'score': 4.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L'}
cvssV4_0
{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: Nozomi

Published:

Updated: 2026-05-19T14:09:56.116Z

Reserved: 2025-04-16T09:04:35.923Z

Link: CVE-2025-40900

Vulnrichment

Updated: 2026-05-19T14:09:48.255Z

NVD

Status : Awaiting Analysis

Published: 2026-05-19T14:16:27.560

Modified: 2026-05-19T14:37:55.490

Link: CVE-2025-40900

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-19T15:45:08Z

Weaknesses