CVE-2026-42948
Severity CVSS v4.0:
MEDIUM
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
13/05/2026
Last modified:
13/05/2026
Description
Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser.
Impact
Base Score 4.0
4.80
Severity 4.0
MEDIUM
Base Score 3.x
4.80
Severity 3.x
MEDIUM



