Stored Cross Site Scripting in NightWolf Penetration Testing Platform
CVE-2026-6179
6.3MEDIUM
What is CVE-2026-6179?
A stored cross site scripting vulnerability exists in the NightWolf Penetration Testing Platform, allowing attackers to inject malicious scripts that can be executed in the browsers of unsuspecting users. This can lead to unauthorized actions on behalf of users, session hijacking, and data theft, making it crucial to patch affected versions to maintain security integrity.
Affected Version(s)
NightWolf Penetration Testing Platform 2.1.5
NightWolf Penetration Testing Platform 2.1.6
References
CVSS V4
Score:
6.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Phan Cong Anh Tuan (phanconganhtuan2003@gmail.com)