PT-2026-28634 · Thales · Thales Sentinel Ldk Runtime
Josh Dillon
·
Publicado
2026-03-27
·
Atualizado
2026-03-27
·
CVE-2026-3457
CVSS v4.0
8.3
Alta
| Vetor | AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N |
Name of the Vulnerable Software and Affected Versions
Thales Sentinel LDK Runtime versions prior to 10.22
Description
The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be injected into web pages viewed by other users. The issue affects the software on Windows systems.
Recommendations
Update Thales Sentinel LDK Runtime to version 10.22 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Thales Sentinel Ldk Runtime