CVE-2026-5754
Reflected XSS in Radware Alteon vADC Enables Script Injection
Publication date: 2026-04-14
Last updated on: 2026-04-21
Assigner: CERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| radware | alteon | 34.5.4.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Reflected Cross-Site Scripting (XSS) issue found in Radware Alteon 34.5.4.0 vADC load-balancer. It allows an attacker to inject malicious scripts into the website, which are then reflected back to users. This can lead to unauthorized actions or other malicious activities executed in the context of the affected website.
How can this vulnerability impact me? :
The vulnerability can impact you by enabling attackers to perform unauthorized actions on your website or application, steal sensitive data, or execute malicious scripts on behalf of users. This can compromise user accounts, lead to data theft, or cause other harmful effects depending on the nature of the injected scripts.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The Reflected Cross-Site Scripting (XSS) vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows attackers to inject malicious scripts, which can lead to unauthorized actions and data theft. Such security weaknesses can compromise the confidentiality and integrity of personal or sensitive data.
This type of vulnerability may negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access and breaches.