Description

A vulnerability was discovered on Stormshield Network Security
* 4.3.0 to 4.3.41,
* 4.8.0 to 4.8.15,
* 5.0.0 to 5.0.5

It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of cookies or other sensitive data, as well as the modification of page behavior, for example, by redirecting the victim to malicious websites.
Published: 2026-06-01
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw permits a reflected XSS attack on the login API of Stormshield SNS appliances. An attacker can inject arbitrary script that runs in the victim’s browser, enabling theft of session cookies or malicious redirects. This client‑side attack compromises confidentiality of session data and can alter user interactions, and is identified as a classic reflected XSS (CWE‑79).

Affected Systems

Versions 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, and 5.0.0 to 5.0.5 of Stormshield SNS are vulnerable. The vendor’s fix is included in SNS 4.3.42, 4.8.16, and 5.0.6.

Risk and Exploitability

The CVSS base score of 5.3 denotes moderate severity. EPSS data is not available and the issue is not listed in the CISA KEV catalog. Exploitation requires the victim to access the login API, typically via a phishing or social engineering vector, so the potential impact is significant but the likelihood is moderate. Once the injected script executes, the attacker can exfiltrate cookies and data or redirect the victim to malicious sites.

Generated by OpenCVE AI on June 1, 2026 at 10:37 UTC.

Remediation

Vendor Solution

The following updates fix this vulnerability:
* SNS 5.0.6
* SNS 4.8.16
* SNS 4.3.42


OpenCVE Recommended Actions

  • Apply the vendor’s patch: upgrade to SNS 5.0.6, 4.8.16, or 4.3.42 depending on your appliance version.
  • If pending upgrade, limit external access to the login API to trusted IP ranges and monitor for suspicious activity.
  • Implement input sanitization and enforce strong content‑security‑policy headers on the login API to reduce XSS risk.

Generated by OpenCVE AI on June 1, 2026 at 10:37 UTC.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 15:30:00 +0000

Type: Metrics
Values Added: ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 01 Jun 2026 11:45:00 +0000

Type: First Time appeared
Values Added: Stormshield; Stormshield stormshield Network Security

Type: Vendors & Products
Values Added: Stormshield; Stormshield stormshield Network Security

Mon, 01 Jun 2026 09:15:00 +0000

Type: Description
Values Added: A vulnerability was discovered on Stormshield Network Security * 4.3.0 to 4.3.41, * 4.8.0 to 4.8.15, * 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of cookies or other sensitive data, as well as the modification of page behavior, for example, by redirecting the victim to malicious websites.

Type: Title
Values Added: Possible to run a Cross Site Scripting request on the login API available on Stormshield SNS appliances.

Type: Weaknesses
Values Added: CWE-79

Type: References
Values Added: (empty)

Type: Metrics
Values Added: cvssV3_1
{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}


Subscriptions

Stormshield Stormshield Network Security
MITRE

Status: PUBLISHED

Assigner: airbus

Published:

Updated: 2026-06-01T13:05:45.399Z

Reserved: 2026-05-13T13:10:26.492Z

Link: CVE-2026-8474

Vulnrichment

Updated: 2026-06-01T13:05:37.453Z

NVD

Status: Deferred

Published: 2026-06-01T09:16:21.163

Modified: 2026-06-01T15:17:42.627

Link: CVE-2026-8474

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-01T11:45:06Z

Weaknesses
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')