CVE Catalog

CVE-2026-41098

HighCVSS 8.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.74%

50th percentile - higher than 50% of all known CVEs

Summary

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network.

Risk Assessment

An attacker could exploit this vulnerability to carry out spoofing attacks, potentially leading to loss of user trust and data integrity breaches.

Recommendation

It is recommended to review and enhance input neutralization mechanisms in applications using Azure Stack Edge to minimize the risk of XSS attacks.

Original NVD description (English source)

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS