Security Advisory

CVE-2026-0396

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-31 11:50:51

Last updated 2026-03-31 13:21:08

Assigner OX

State PUBLISHED

Description

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI.

← Browse all CVEs View on cve.org ↗