CVE Catalog
CVE-2026-41098
HighCVSS 8.4Exploitation Probability (EPSS)
Low risk0.74%
50th percentile - higher than 50% of all known CVEs
Summary
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network.
Risk Assessment
An attacker could exploit this vulnerability to carry out spoofing attacks, potentially leading to loss of user trust and data integrity breaches.
Recommendation
It is recommended to review and enhance input neutralization mechanisms in applications using Azure Stack Edge to minimize the risk of XSS attacks.
Original NVD description (English source)
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network.

