HIGHCVE-2026-3457Published Modified CNA THA-PSIRT
CVE-2026-3457: Stored XSS vulnerability in Sentinel ACC
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22.
Metrics
- CVSS v4.0
- 7.0
- Severity
- HIGH
- Fixed in
- 10.22
- Affected Products
- 1
Fix available
10.22
Affected packages
- Thales / Sentinel LDK Runtime< 10.22 (from 0)
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/E:PReferences