Description
A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.
Published: 2026-03-31
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored XSS in admin web interface that enables arbitrary JavaScript execution by an authenticated administrator
Action: Apply Patch
AI Analysis

Impact

A stored cross‑site scripting vulnerability exists in the web interface of SonicWall Email Security appliances. The flaw is caused by improper neutralization of user-supplied input during page generation, allowing a remote authenticated attacker with administrator privileges to inject and run arbitrary JavaScript code within their own browser session. This could enable the attacker to modify page content, capture credentials, or perform unauthorized actions while logged in as admin.

Affected Systems

The vulnerability affects all SonicWall Email Security models listed in the CPEs, including the ESA5000, ESA5050, ESA7000, ESA7050, and ESA9000. No specific firmware or software version is identified in the advisory, meaning that any current firmware on these devices may be vulnerable.

Risk and Exploitability

The CVSS score of 4.8 indicates moderate severity. An EPSS score of less than 1% suggests a low likelihood of widespread exploitation. The flaw is not present in CISA’s Known Exploited Vulnerabilities catalog. Exploitation requires the attacker to be authenticated as an administrator and to access the web interface that generates the stored script. No public exploits or further attack conditions are documented in the CVE data.

Generated by OpenCVE AI on April 13, 2026 at 19:43 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install the latest firmware update from SonicWall’s PSIRT advisory (https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002).
  • Verify the integrity of the downloaded firmware using SonicWall’s provided checksum or digital signature before applying the update.
  • If a firmware update is not yet available, limit administrative access to trusted personnel, enforce strong password policies, and isolate the appliance from untrusted networks until a patch is released.

Generated by OpenCVE AI on April 13, 2026 at 19:43 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 14 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Title Stored XSS in SonicWall Email Security allows admin to execute JavaScript

Mon, 13 Apr 2026 17:00:00 +0000

Type Values Removed Values Added
First Time appeared Sonicwall esa5000
Sonicwall esa5050
Sonicwall esa7000
Sonicwall esa7050
Sonicwall esa9000
CPEs cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:esa5000:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:esa5050:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:esa7000:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:esa7050:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:esa9000:-:*:*:*:*:*:*:*
Vendors & Products Sonicwall esa5000
Sonicwall esa5050
Sonicwall esa7000
Sonicwall esa7050
Sonicwall esa9000

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Title Stored XSS in SonicWall Email Security allows admin to execute JavaScript
First Time appeared Sonicwall
Sonicwall email Security
Vendors & Products Sonicwall
Sonicwall email Security

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
Description A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Sonicwall Email Security Esa5000 Esa5050 Esa7000 Esa7050 Esa9000
cve-icon MITRE

Status: PUBLISHED

Assigner: sonicwall

Published:

Updated: 2026-03-31T20:35:38.252Z

Reserved: 2026-03-03T09:59:57.366Z

Link: CVE-2026-3468

cve-icon Vulnrichment

Updated: 2026-03-31T20:35:34.532Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-31T21:16:32.950

Modified: 2026-04-13T16:50:20.080

Link: CVE-2026-3468

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-14T16:42:19Z

Weaknesses