Stored XSS Vulnerability in WAF-ASP by TR7 Cyber Defense Inc.
CVE-2026-4772
5.4MEDIUM
What is CVE-2026-4772?
A stored cross-site scripting (XSS) vulnerability exists in WAF-ASP by TR7 Cyber Defense Inc. This issue arises from improper neutralization of user input during web page generation, allowing attackers to inject malicious scripts that can be executed when users access affected pages. This vulnerability impacts versions from 1.0.324.900 to 1.4.0.117, posing a significant risk to web applications utilizing this firewall.
Affected Version(s)
WAF-ASP v1.0.324.900
