Security Advisory

CVE-2026-31382

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-20 13:04:45
Last updated 2026-03-23 10:21:50
Assigner rapid7
State PUBLISHED

Description

The error_description parameter is vulnerable to Reflected XSS. An attacker can bypass the domains WAF using a Safari-specific onpagereveal payload.

← Browse all CVEs View on cve.org ↗