HTML Injection Vulnerability in Radware Cyber Controller Product
CVE-2026-12812

5.1MEDIUM

Key Information:

Vendor

Radware

Status
Cyber Controller
Vendor
CVE Published:
21 June 2026

What is CVE-2026-12812?

A security flaw has been identified in Radware Cyber Controller, specifically in the HTML report generation component. This vulnerability allows for HTML injection, which can lead to potential remote exploitation. The flaw has been made public, increasing the risk as attackers may leverage this weakness. Radware did not respond to early notifications regarding this issue, emphasizing the importance of vigilance and timely patching from users.

Affected Version(s)

Cyber Controller 10.0

Cyber Controller 10.1

Cyber Controller 10.2

References

https://vuldb.com/vuln/372606
vdb-entry
https://vuldb.com/vuln/372606/cti
signaturepermissions-required
https://vuldb.com/cve/CVE-2026-12812
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

VulDB CNA Team
.