CVE-2026-4772
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
02/07/2026
Last modified:
02/07/2026
Description
Improper neutralization of input during web page generation (&#39;cross-site scripting&#39;) vulnerability in TR7 Cyber Defense Inc. WAF-ASP allows Stored XSS.<br />
<br />
This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117.
Impact
Base Score 3.x
5.40
Severity 3.x
MEDIUM



