CVE-2026-22322

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

7.1HIGH

EPSS

0.1%

top 74.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phoenix Contact FL NAT 2008 Phoenix Contact FL NAT 2208 Phoenix Contact FL NAT 2304-2gc-2sfp +74 more

Timeline

PublishedMar 18

Description

A stored cross‑site scripting (XSS) vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to create a trunk entry containing malicious HTML/JavaScript code. When the affected page is viewed, the injected script executes in the context of the victim’s browser, enabling unauthorized actions such as interface manipulation. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticat…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.7

Affected Packages77 packages

▶CVEListV5phoenix_contact/fl_nat_20080.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_nat_22080.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_switch_20050.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_switch_20080.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_switch_20160.0.0 — 3.53

🔴Vulnerability Details

GHSA

GHSA-j2wh-rp49-235f: A stored cross‑site scripting (XSS) vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to create↗2026-03-18

▶

CVEList

Stored Cross‑Site Scripting in Link Aggregation Name Handling↗2026-03-18

▶