CVE Catalog
CVE-2026-6179
MediumCVSS 5.4Exploitation Probability (EPSS)
Low risk0.17%
7th percentile - higher than 7% of all known CVEs
Summary
A Stored Cross-Site Scripting (XSS) vulnerability in the NightWolf Penetration Testing Platform allows an attacker to inject and execute a malicious script in the user's browser.
Risk Assessment
An attacker can hijack user sessions, steal credentials, or perform other malicious actions in the victim's browser context, compromising the confidentiality and integrity of organizational data.
Recommendation
Immediately update the NightWolf Penetration Testing Platform to the latest patched version and implement input validation and sanitization.
Original NVD description (English source)
Stored Cross Site Scripting in NightWolf Penetration Testing Platform allows attack trigger and run malicious script in user's browser

